The CERT Program at Carnegie Mellon University's Software Engineering Institute has been researching insider threats since 2002. We have compiled a database containing hundreds of actual insider threat cases. Our insider threat research focuses on both technical and behavioral aspects of actual compromises; our goal is to raise awareness of the risks of insider threat and to help identify the factors influencing an insider's decision to act, the indicators and precursors of malicious acts, and the countermeasures that will improve the survivability and resiliency of the organization.
We have combined all of our work into a two day workshop on insider threat. The workshop consists of presentations and interactive exercises in which participants are led through portions of the CERT insider threat assessment instrument, which was developed to enable organizations to assess their insider threat risk. The assessment addresses technical, organizational, personnel, security, and process issues. The purpose of the exercises is to assist participants in assessing their own organization's vulnerability to insider threat in specific areas of concern. Our goal is that participants leave the workshop with actionable steps that they can take to better manage the risk of insider threat in their organization.
The target audience is managers, leaders, directors, and chief executives across all facets of the organization including IT, HR, Legal, Physical Security, and Operations. The workshop will benefit team leaders, project managers, business managers, financial managers, security officers, risk officers, C-Level managers and anyone else responsible for creating, implementing, enforcing, and auditing practices and procedures throughout the organization.
There are no prerequisites for this course.
Participants will receive a course notebook, case studies and a CD containing the course and supplemental materials.
This 2 day course meets at the following times:
Days 1-2, 8:30 a.m. - 4:30 p.m. (U.S. Locations)
Days 1-2, 9:00 a.m. - 5:00 p.m. (non U.S. Locations)