The Insider Threat Vulnerability Assessment (ITVA) method used by Tanager evaluates an organization’s preparedness to prevent, detect, and respond to insider threats. The ITVA’s long-term purpose is to assist organizations in reducing exposure to damage from potential insider threats.
The ITVA was developed by the CERT Insider Threat Center. Tanager is one of a select small group of companies that is licensed to provide official SEI services in Insider Threat Vulnerability Assessments.
The CERT Insider Threat Center began in 2001 with the mission to conduct empirical research and analysis to develop and transition socio-technical solutions to combat insider cyber threats. The CERT Division of the Software Engineering Institute (SEI) studies and solves problems with widespread cybersecurity implications, researches security vulnerabilities in software products, contributes to long-term changes in networked systems, and develops cutting-edge information and training to help improve cybersecurity.
Scope of ITVA
The ITVA performed by Tanager is focused on areas of concern observed in the hundreds of cases in the CERT Insider Threat database. We will assess vulnerabilities that are both Technical and Behavioral including, but not limited to, psychological, process-based and policy-based vulnerabilities. Types of activity covered include IT Sabotage, Theft of Information and Fraud.
The ITVA is limited to organization-defined critical services. It focuses on people, technology, information, business processes and facilities that support those services.
What the ITVA is not:
- Not an audit or compliance exam
- Not looking for malicious insiders
- Only assessing organizations against vulnerabilities in the CERT database of cases
- Only looking for “intentional” activity — does not include unintentional exploits
The following diagram illustrates the methodology that Tanager uses for the ITVA:
Tanager’s ITVA team will perform the assessment in partnership with the assessed organization. The assessment is limited to organization-defined critical services. The scope could be one or more locations, one or multiple processes/services, or an enterprise-wide assessment.
At the end of the assessment, Tanager will provide the organization with a confidential ITVA Report which explains the findings.
As a direct outcome of the ITVA and the Summary Report, the organization will be empowered to develop an actionable framework to implement improvements as well as the business justification to do so.
Beyond the ITVA, Tanager can assist in setting up an Insider Threat Mitigation Program. With the support of our expertise and experience, as well as our Insider Threat Development Lab and our User Activity Monitoring/User Behavior Analytics product partners, Tanager is uniquely positioned to help develop a solid Insider Threat Mitigation Program.
- All project documentation, interviews, discussions, and demonstration details are held in confidence.
- No attribution of data collected.
- Data is protected and securely stored at all times.
- Classified documents will only be reviewed while on site.