Insider Threat Certificates

Training and certificate programs for program managers, vulnerability assessors, and program evaluators.

Announcing classes for Spring, Summer, and Fall 2014

Learn from a Trusted Partner

Our research partners include the Department of Defense, the Department of Homeland Security, the U.S. Secret Service, as well as other federal agencies, the intelligence community, private industry, academia, and the vendor community.

As part of Carnegie Mellon University’s Software Engineering Institute, a Federally Funded Research and Development Center (FFRDC), we are uniquely positioned as a trusted broker and have been assisting the community for over a decade.

Learn more about Insider Threat research.

Fulfill Executive Order 13587

President Obama’s Executive Order 13587 requires federal agencies that operate or access classified computer networks to implement an insider threat detection and prevention program.

Proposed changes to the National Industrial Security Program Operating Manual (NISPOM) would require the same of contractors that engage with such federal agencies.

Our certificate program can help organizations satisfy the requirements of this order with sophisticated, flexible insider threat programs that are tailored to the unique circumstances of individual organizations.

Video Highlights

Certificate Programs

Overview

The need for qualified experts to support organizations in the development and operation of insider threat programs is now greater than ever. To meet this growing demand, we are developing new solutions to transition our important research and enable others to also provide this critical support. These programs are for individuals in government and industry organizations that are looking to build, assess, or evaluate an insider threat program, while protecting the privacy and civil liberties of their employees.

Research

These programs are based upon the research of the CERT Insider Threat Center of the Software Engineering Institute. The CERT Insider Threat Center has been researching this problem since 2001 in partnership with the Department of Defense, the Department of Homeland Security, the U.S. Secret Service, other federal agencies, the intelligence community, private industry, academia, and the vendor community.

Audience

This training course supports organizations implementing and managing insider threat detection and prevention programs based on various government mandates or guidance including: Presidential Executive Order 13587, the National Insider Threat Policy and Minimum Standards, and proposed changes set forth in the National Industrial Security Program Operating Manual (NISPOM).

Insider Threat Program Manager (ITPM)

Available Now

The ITPM certificate program will assist insider threat program managers developing a formal insider threat program. The certificate will cover areas such as insider threat planning, identification of internal and external stakeholders, components of an insider threat program, insider threat team development, strategies for effective communication of the program, and how to effectively implement and operate the program within the organization.


Insider Threat Vulnerability Assessor (ITA)

Coming Summer 2014

The ITA program enables assessors to help organizations gain a better understanding of their insider threat risk and an enhanced ability to identify and manage associated risks. The assessment methodology assists organizations by measuring how prepared they are to prevent, detect, and respond to the insider threat. Organizations will have the ability to license the CERT Insider Threat Vulnerability Assessment tool for internal use or to assess others for potential vulnerabilities.


Insider Threat Program Evaluator (ITPE)

Coming Fall 2014

The ITPE program enables evaluators to help organizations gain a better understanding of the effectiveness of their established insider threat programs. Organizations will have the ability to license the CERT Insider Threat Program Evaluation methodology for internal use or to evaluate the effectiveness of other programs.

  • "The insider threat is alive, thriving and often responsible for major data breaches that expose everything from consumer credit-card information to valuable intellectual property...."
    InformationWeek Insider Threat Survey Report, March 2014
  • "Regardless of the technology in place to protect data, people still represent the biggest threat."
    Alex Ryskin, IT director for the laser laboratories at the University of Rochester, NY. Quoted in Oak Ridge Laboratory's "Anatomy of an Insider Threat: Case Study in Human Vulnerabilities"
  • "...23% of enterprises have experienced insider-driven data breaches."
    InformationWeek Insider Threat Survey Report, March 2014

About Insider Threat

What Is Insider Threat?

A malicious insider threat to an organization is a current or former employee, contractor, or other business partner who has or had authorized access to an organization's network, system, or data and intentionally exceeded or misused that access in a manner that negatively affected the confidentiality, integrity, or availability of the organization's information or information systems.

Learn more

How We Identify Insider Threat

The CERT Insider Threat Center conducts empirical research and analysis to develop and transition sociotechnical solutions to combat insider cyber threats. The foundation of our work is our database of more than 800 insider threat cases. We use system dynamics modeling to characterize the nature of the insider threat problem, explore dynamic indicators of insider threat risk, and identify and experiment with administrative and technical controls for insider threat mitigation.

Learn more

How We Combat Insider Threat

The CERT insider threat lab provides a foundation to identify, tune, and package technical controls as an extension of our modeling efforts. We have developed an assessment framework based on data from cases of fraud, theft of intellectual property, and IT sabotage. This framework helps organizations identify their technical and nontechnical vulnerabilities to insider threats as well as executable countermeasures.

Learn more