MITRE and DTEX Announce Public-Private Partnership to Elevate Insider Risk Programs & Advance Human-centric Security

Today’s employees work within a high-paced, technology-enabled world where they are asked to do more and do so faster than ever before. This workforce requirement, coupled with the rise in the threat of nation-state adversaries aggressively targeting trusted insiders, is driving a call to action within Five Eyes Critical Infrastructure organizations to manage insider risk more effectively while also protecting increasingly distributed and hybrid workforces.

To meet this need, we are pleased to announce the formation of a public-private partnership with The MITRE Corporation, a non-profit research and development organization that works in the public interest. Together with MITRE, we will conduct collaborative research and deliver MITRE Inside-R Protect as a set of data-driven, community-oriented service offerings to help industry and government elevate their insider risk programs using behavioral sciences. The MITRE Insider Threat Capability has 15 years of experience leveraging and combining behavioral and technical sciences to help insider risk programs more effectively deter, detect, and mitigate insider threats.
“The risk to the critical infrastructure organizations of the Five Eyes from insider threats is very real, and any compromise to the security of these organizations will have a damaging and lasting impact to these nations’ economies and the safety of their citizens,” said Julie Bowen, MITRE’s Senior Vice President of Operations, Outreach and Chief Legal Officer.

Under a non-exclusive licensing agreement, MITRE and DTEX will conduct collaborative research and deliver MITRE Inside-R Protect as a set of data-driven, community-oriented service offerings to help industry and government elevate their insider risk programs using behavioral sciences.

MITRE Inside-R Protect will offer Five Eyes critical infrastructure organizations the following service offerings:

• Expert review of existing or planned insider risk programs,
• An independent, data-driven, insider risk assessment and support for self-assessments, and
• Continuous knowledge transfer and closed-door briefings on MITRE insider threat research and actual insider threat cases.

“MITRE recognizes three fundamental challenges in insider threat,” said Dr. Deanna Caputo, MITRE’s Chief Scientist for Insider Threat Capabilities. “First, there is a lack of data-driven, behavior-based, and rigorous scientific evidence to understand these escalating risks. Second, there is an over-reliance on frameworks and security controls focused on addressing external cyber threats. And third, insights are being made from a small pool of case studies that lack sufficient detail. We feel that these challenges must be addressed immediately as a component of our mission to solve problems for a safer world. We needed to raise the bar.”

The Honourable Steven Marshall MP, Premier of South Australia, stated, “the threat from inside our Critical Infrastructure is very real, and any compromise to the security of these entities will have a damaging and lasting impact to a nation’s economy and the safety of its citizens. We are proud to host MITRE’s collaboration with DTEX through the A3C in South Australia, and I applaud their commitment to solving this urgent requirement in the interests of national security.”

MITRE and DTEX Systems, both members of the Australian Cyber Collaboration Centre (A3C), decided to elevate the conversation regarding insider risk in early 2020. Sponsored by the A3C, MITRE and DTEX conducted a data-driven study of the modern insider threat landscape that was completed in May of 2021. Researchers explored how remote workers searched, collected, and exfiltrated real data on a live corporate network, and how their behavior was affected by their intention (malicious vs. benign) and technical expertise (expertise agnostic vs. advanced technical expertise). The study, “Remote Worker Cyber Indicators of Malicious Insider Threat,” identified and differentiated behavioral characteristics of malicious users from those of benign users. The results revealed multiple cyber indicators of real-life, malicious, remote workers.

“Insider threats, whether the result of a malicious insider, or a non-malicious employee, represent one of the greatest risks to an organization’s brand, intellectual property, workforce, and supply chain,” said Mohan Koo, CTO and co-founder, DTEX Systems. “Our research with MITRE found new human behavioral indicators and patterns of malicious behavior by an employee. These indicators, in the hands of MITRE’s experts and scientists, and layered into our DTEX InTERCEPT platform, offer Five Eyes critical infrastructure organizations an opportunity to identify and mitigate insider-born risks before data exfiltration, sabotage, and fraudulent behaviors result in permanent operational damage.”

To learn more about our partnership with MITRE and Inside-R Protect, visit https://www.dtexsystems.com/platform/inside-r-protect/.

On Feb. 24 at 1 p.m. ET, Bowen and Chris Folk, MITRE’s director of cyber partnerships and policy, will host a live briefing, “For the Greater Good: How Global Partnerships Address Emerging Human-Centric Risks and Improve Cyber Resiliency.” The exclusive briefing will take a deeper look into MITRE’s vision for the future of cybersecurity and explore the areas of possible partnership to address these common-good challenges. Included will be a brief overview of Inside-R Protect and a discussion of the opportunities available to government and private entities to develop data-driven approaches, conduct applied collaborative research, and deliver community-oriented frameworks, specialized review and assessment services, and other tools to address the challenges facing security teams and global leaders. Those interested in attending should visit https://www2.dtexsystems.com/for-the-greater-good to request an invitation.