Insider Threat Certificates

Training and certificate programs for program managers, vulnerability assessors, and program evaluators.

Announcing classes for Spring, Summer, and Fall 2014

Take our training to earn insider threat certificates

The insider threat certificates from Carnegie Mellon's Software Engineering Institute can help organizations satisfy the requirements of Executive Order 13587 with sophisticated, flexible insider threat programs that are tailored to the unique circumstances of individual organizations.

We have been researching Insider Threat since 2001

Our research partners include the Department of Defense, the Department of Homeland Security, the U.S. Secret Service, other federal agencies, the intelligence community, private industry, academia, and the vendor community.

As part of Carnegie Mellon University's Software Engineering Institute, a Federally Funded Research and Development Center (FFRDC), we are uniquely positioned as a trusted broker and have been assisting the community for over a decade.

Learn more about Insider Threat research.

Federal agencies must prevent, detect, and respond to insider threats

President Obama's Executive Order 13587 requires federal agencies that operate or access classified computer networks to implement an insider threat detection and prevention program.

Proposed changes to the National Industrial Security Program Operating Manual (NISPOM) would require the same of contractors that engage with such federal agencies.

Certificate Programs

As a trusted third party between government, industry, and academia, the CERT Insider Threat Center is in a unique position to help organizations with their insider threat challenges. However, the need for qualified experts to support organizations in the development and operation of insider threat programs is now greater than ever. To meet this growing demand, we are developing new solutions to transition our important research and enable others to also provide this critical support.

Our new insider threat training and certificate programs will educate professionals on how to help organizations identify and manage their insider threat risks, and how to measure their preparedness to defend against them. The new programs will also teach how to evaluate an organization's insider threat program, or even build and operate one from scratch. Founded on our analysis of more than 800 insider incidents, these programs are for individuals in government and industry organizations that are looking to build, assess, or evaluate an insider threat program, while protecting the privacy and civil liberties of their employees.

Insider Threat Program Manager (ITPM) Certificate

Develop a formal insider threat program. Implement and operate the program effectively.

Summer 2014

Learn More

Insider Threat Vulnerability Assessor (ITA) Certificate

Help organizations identify and manage their unique insider threat risks. Measure organizations' preparedness to prevent, detect, and respond to insider threats.

Summer 2014

Learn more

Insider Threat Program Evaluator (ITPE) Certificate

Help organizations evaluate the effectiveness of their established insider threat programs.

Fall 2014

Learn more

  • "The insider threat is alive, thriving and often responsible for major data breaches that expose everything from consumer credit-card information to valuable intellectual property...."
    InformationWeek Insider Threat Survey Report, March 2014
  • "Regardless of the technology in place to protect data, people still represent the biggest threat."
    Alex Ryskin, IT director for the laser laboratories at the University of Rochester, NY. Quoted in Oak Ridge Laboratory's "Anatomy of an Insider Threat: Case Study in Human Vulnerabilities"
  • "...23% of enterprises have experienced insider-driven data breaches."
    InformationWeek Insider Threat Survey Report, March 2014

About Insider Threat

What Is Insider Threat?

A malicious insider threat to an organization is a current or former employee, contractor, or other business partner who has or had authorized access to an organization's network, system, or data and intentionally exceeded or misused that access in a manner that negatively affected the confidentiality, integrity, or availability of the organization's information or information systems.

Learn more

How We Identify Insider Threat

The CERT Insider Threat Center conducts empirical research and analysis to develop and transition sociotechnical solutions to combat insider cyber threats. The foundation of our work is our database of more than 800 insider threat cases. We use system dynamics modeling to characterize the nature of the insider threat problem, explore dynamic indicators of insider threat risk, and identify and experiment with administrative and technical controls for insider threat mitigation.

Learn more

How We Combat Insider Threat

The CERT insider threat lab provides a foundation to identify, tune, and package technical controls as an extension of our modeling efforts. We have developed an assessment framework based on data from cases of fraud, theft of intellectual property, and IT sabotage. This framework helps organizations identify their technical and nontechnical vulnerabilities to insider threats as well as executable countermeasures.

Learn more