This three and a half day course builds upon the initial concepts presented in the prerequisite courses Insider Threat Overview: Preventing, Detecting, and Responding to Insider Threats and Building an Insider Threat Program. The course presents a process roadmap that can be followed to build the various parts of a robust Insider Threat Program. It discusses various techniques and methods to develop, implement, and operate program components.
This training is based upon the research of the CERT Insider Threat Center of the Software Engineering Institute. The CERT Insider Threat Center has been researching this problem since 2001 in partnership with the Department of Defense, the Department of Homeland Security, the U.S. Secret Service, other federal agencies, the intelligence community, private industry, academia, and the vendor community. This training course supports organizations implementing and managing insider threat detection and prevention programs based on various government mandates or guidance including: Presidential Executive Order 13587, the National Insider Threat Policy and Minimum Standards, and proposed changes set forth in the National Industrial Security Program Operating Manual (NISPOM).
Please note that successful completion of this course is a required component of the Insider Threat Program Manager Certificate Program. To learn more about the certificate and package pricing for the courses, please go to: http://cert.org/insiderthreat
This course is also recommended for anyone pursing the certificates for the Insider Threat Vulnerability Assessor or Insider Threat Program Evaluator, but is not required.
The course covers topics such as:
At the completion of the course, learners will be able to:
Participants completing the Insider Threat Program Manager Certificate Program must take the pre-requisite courses: Insider Threat Overview: Preventing, Detecting, and Responding to Insider Threats and Building an Insider Threat Program.
Course methods include lecture, group exercises, and scenario completion.
Participants will receive a course notebook, case studies and a CD containing the course and supplemental materials.
This 3-1/2 day course meets at the following times:
Days 1-3, 8:30 a.m. - 4:30 p.m.
Day 4, 8:30 a.m. - 1:00 p.m.
This course may be offered by special arrangement at customer sites.