At U.S. Strategic Command in Omaha, Nebraska, a cyberthreat analyst busily monitors potential insider threats for the command's top-secret, secret and classified networks.
Mariah Miller-Gordon, 25, the developer of the year-old program — called the Cyber Threat Analysis Risk Assessment Matrix — is preparing the matrix for use at other Defense Department organizations.
On Nov. 29, at the 2018 DOD Chief Information Officer Annual Awards for Cyber and Information Technology Excellence ceremony at the Pentagon, Miller-Gordon won an individual award for her work in developing a matrix aimed at identifying insider threats.
She credited a team effort in her division for the win, noting that her team identified the need for a system that documented and described “the whole threat profile of an individual and what it looks like to the command,” she said.
Quantifying Insider Threats
The matrix helps quantify insider threats, and in the first year of its use Stratcom has identified more than 250 potential insider threats, thanks to Miller-Gordon's vision.
“The risk matrix came as a need to … describe how it [insider threats] actually impacts the mission and how we quantify those things,” she said.
“You've got to know what's valuable to the J-3 [operations], the J-5 [plans and policy], to safeguard that information. If you don't know what the information does or doesn't do, then you don't know…
