CERT Insider Risk Management Symposium 2021 to Explore Balanced Approaches to Insider Risk
• Article
September 1, 2021—The SEI will host the CERT Insider Risk Management Symposium 2021 on September 28 and 29, from 11 a.m. to 1 p.m. EDT each day. The free, virtual event brings together recognized leaders in insider threat research, as well as leading insider threat program practitioners in both government and industry, to discuss the latest challenges and best practices in insider risk management. Anyone can register for the symposium, which is geared toward insider threat program stakeholders such as program managers and analysts.
The symposium supports this September’s National Insider Threat Awareness Month. For the third year running, the National Counterintelligence and Security Center, National Insider Threat Task Force (NITTF), Office of the Undersecretary of Defense for Intelligence and Security, Department of Homeland Security (DHS), and Defense Counterintelligence and Security Agency (DCSA) are partnering with insider threat community stakeholders to emphasize the importance of safeguarding the nation from insider threat.
The theme of this year’s insider threat awareness month is cultural awareness, which is an important component of insider risk management, according to Dan Costa, technical manager of the CERT Enterprise Threat and Vulnerability Management team.
“Integrating insider risk management with enterprise risk management has always been a key piece of our insider threat best practices,” said Costa. “As we’ve worked with government and industry, we’ve learned how valuable a risk management approach is to maturing insider threat mitigation capability from reactive to proactive.”
Balancing approaches to insider risk management is the theme of this year’s CERT Insider Risk Management Symposium, the eighth such annual gathering. The event’s presentations and panels will focus on the complexities of insider risk management and strategies for effectively balancing its operations across the dimensions of people, organizations, and management.
“The pandemic has increased the personal and professional stressors on the workforce,” said Costa. “We’re seeing a marked shift in the insider threat controls that security practitioners are selecting. They’re augmenting their traditional detection and response capabilities with management practices that increase perceived organizational support, connectedness at work, and employee engagement. This year’s symposium will highlight how to combine technical approaches to insider risk management with nontechnical approaches, which are needed now more than ever.”
The symposium will open with remarks from Greg Touhill, director of the SEI’s CERT Division, and Randy Trzeciak, the CERT Division’s acting technical director of security automation. Members of the CERT Insider Risk Management team will then hold a panel on emerging trends in technical approaches to insider risk quantification. Costa will open the second day of the symposium, followed by Trzeciak and Brett Tucker, the CERT Division’s cybersecurity risk management technical manager, presenting on ransomware infections through the insider threat vector. More SEI experts will hold a panel on balanced approaches to insider risk management, and Trzeciak will close the program.
For a preview of the symposium’s topics, join Costa and Trzeciak for the webcast Balanced Approaches to Insider Risk Management at 1:30 p.m. EDT on September 8. They will discuss the changing landscape of insider threat and future research in this area. They will also answer participant questions about what organizations should do to address insider threats. Registration for the webcast is free and open through the day of the event.
A database of more than 3,000 insider threat cases, pulled from court records and other public sources, underlies the CERT Insider Risk Management team’s body of empirical research. The team is leveraging this data to produce the Common Sense Guide to Managing Insider Risk, due out later this year. This seventh edition of the popular publication was previously called the Common Sense Guide to Mitigating Insider Threats. The new edition adds a new best practice on collecting and using incident data to support insider risk management, among other changes.
The team’s other upcoming work in insider risk management includes positive deterrence, data-driven approaches to insider risk quantification, supporting such quantification with artificial intelligence and machine learning, and maturity models for insider risk management programs.
Register for the September 28 and 29 CERT Insider Risk Management Symposium 2021, and register for the September 8 webcast. Learn more about the SEI’s work in insider threat and risk on our website. Read insider threat blog posts, and browse the topic “Insider Threat” in our digital library. Contact the team at insider-threat-feedback@cert.org.
