To fight insider threats, AF team models network protection layers

To fight insider threats, AF team models network protection layers

A team from Hanscom Air Force Base has developed a model for delivering solutions that protect against insider cyber threats. 

Last year the special programs unit opened the Materiel Solutions Analysis (MSA)  Lab, where the team tests commercial technologies that could potentially function on a secure network and, at the same time, serve as a deterrent for insider attacks.

After testing more than 100 proposals on insider threat mitigation technologies, MSA and its partner the MIT Lincoln Lab started to notice a pervasive misconception among companies: That there is a single solution to insider attacks.

“To believe a single technology exists that will prevent malicious insiders from stealing, altering or destroying sensitive information is inaccurate," said Lt. Col. Richard Howard, the MSA chief.

Researchers and engineers at Hanscom developed what is referred to as the Insider Threat Universe, a model that conveys how technologies protect different parts of the Air Force’s secure networks. The ITU works in layers, representing data-at-rest encryption and role-based access controls, for example, but does not examine network protection in whole, only in part.   

The MSA team recently hosted a Cyber Insider Threat Workshop where participants discussed mitigation efforts and how they fit into the ITU model.

"Communication is the only way synergy can be developed across the board," said Paul Krueger, the MSA chief engineer. "Making the community aware of currently used technologies, as well as equipment and software that's being tested and fielded by facilities like the MSA Lab, is critical to solving this problem."

About the Author

Mark Pomerleau is a former editorial fellow with GCN and Defense Systems.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected