Insider Threat Program Manager Certificate

Develop a Formal Insider Threat Program

The Insider Threat Program Manager (ITPM) Certificate program will assist insider threat program managers developing a formal insider threat program. The certificate will cover areas such as insider threat planning, identification of internal and external stakeholders, components of an insider threat program, insider threat team development, strategies for effective communication of the program, and how to effectively implement and operate the program within the organization.

You will have two years to complete each certificate component. Upon completing all certificate components, you are awarded an electronic certificate of completion.

Who Should Attend?

  • Insider Threat Program Team Members
  • Insider Threat Program Managers

Four Certificate Components

Review descriptions of the of the 4 individual certificate components below:

 

Register for all 4 certificate components at once and save

$3000 - U.S. Government/Academia
$3500 - U.S. Industry
$4000 - International

The package option includes all components necessary to obtain the ITPM Certificate. Choose the date for the classroom component (Insider Threat Program Manager:  Implementation and Operation) to register for the package:

Each of the above price options is available at one of the following offerings:

Jan 23-25, 2018 - Arlington, VA

Mar 13-15, 2018 - Arlington, VA

May 22-24, 2018 - Arlington, VA

Jul 24-26, 2018 - Arlington, VA

Sep 25-27, 2018 - Arlington, VA)

Nov 14-16, 2018 - Arlington, VA

Download PDF

Insider Threat Overview:
Preventing, Detecting, and Responding to Insider Threats

Description

This online course provides a deeper understanding of insider threat terminology, identifies the different types of insider threats, teaches how to recognize both technical and behavioral indicators, and outlines mitigation strategies.

The course comprises five (5) hours of video instruction presented by experts from the CERT Insider Threat Center. Self-assessments following each topic help learners comprehend subject matter.

Successful completion of this course is a required component of the Insider Threat Program Manager, Insider Threat Vulnerability Assessor, and Insider Threat Program Evaluator Certificate Programs.

Prerequisites

There are no prerequisites for this course.

Topics

  • Insider Threat definitions, issues, and types
  • Severity and impact of insider threat activity
  • Fraud: examples, dynamics, technical aspects, and countermeasures
  • Theft of Intellectual Property: examples, dynamics, exfiltration, and mitigation
  • Unintentional Insider Threat
  • Insider Threat Prevention, Detection, and Mitigation Strategies

Objectives

At the completion of the course, learners will be able to:

  • Define an Insider and threats they impose to critical assets
  • Recognize the difference between malicious versus unintentional insider threat
  • Recognize the most common types of insider threat
  • Identify the prevalence and damage caused by insider threat activity
  • Identify legislation enacted to help prevent insider threat
  • Describe the activity, behavioral and technical precursors, and characteristics of fraud and theft of intellectual property
  • Recognize and avoid unintentional insider threat
  • Recognize controls to potentially prevent insider attacks
  • Identify best practices for insider threat mitigation
  • Recognize the purpose of an Insider Threat Program

Materials

In additon to the course videos, learners will be able to access additional resources related to the subject matter and a downloadable copy of the course presentation slides.

Register for This Course Only

 Register for E-Learning

Pricing: $350

Delivery Mode: The CERT STEPfwd (Simulation, Training, and Exercise Platform) is a flexible, multi-media, e-learning environment that you can access anywhere, anytime. System Requirements for CERT STEPfwd are as follows:

  • Operating Systems: Windows 98 / NT 4.0 / Windows 2000 / Windows XP / Windows Vista / Windows 7 / Mac OS X
  • Web browsers: Internet Explorer 7+ or Firefox 3+
  • Adobe Flash version 10+ (for Lecture and Demo access)
  • JRE Version 6+ (for lab access)
  • Computer system and network settings that allow access to streaming video from internet sources
  • Minimum client resolution of 1280x1024 to enable proper Video and Lab Player display
  • Internet connection of 384 Kbps or greater (to sustain downloads with no more than 230 ms of latency). STEPfwd does not currently support off-line viewing or content download

Building an Insider Threat Program

Description

This 7-hour online course provides a thorough understanding of the organizational models for an insider threat program, the necessary components to have an effective program, the key stakeholders who need to be involved in the process, and basic education on the implementation and guidance of the program.

Successful completion of this course is a required component of the Insider Threat Program Manager, Insider Threat Vulnerability Assessor, and Insider Threat Program Evaluator Certificate Programs.

Learners will have one year to complete the course. Upon completing all course elements, the learner is awarded an electronic certificate of course completion.

Prerequisites

There are no prerequisites for this course. However, students are strongly advised to take Insider Threat Overview: Preventing, Detecting, and Responding to Insider Threats first to insure a thorough understanding of the course content.

Topics

  • Components of an Insider Threat Program
  • Requirements for a formal program
  • Organization-wide participation
  • Oversight of program compliance and effectiveness
  • Integration with enterprise risk management
  • Prevention, detention and response infrastructure
  • Insider Threat training and awareness
  • Confidential reporting procedures and mechanisms

Objectives

At the completion of the course, learners will be able to

  • State the key components and principles of a formalized insider threat program
  • Identify the critical organizational entities that must participate in the development, implementation, and operation of the program
  • Begin or enhance their strategic planning for developing and implementing a formalized insider threat program
  • Create an implementation plan and roll-out
  • Identify the type of staff and skills needed as part of the insider threat program operational team
  • Identify the types of policies and procedures needed to institutionalize the insider threat program
  • Identify existing organizational policies and procedures which require enhancement to support the insider threat program activities
  • CMU SEI CERT Division Digital Library Blogs
  • Determine the types of infrastructure requirements needed to support the insider threat program operations
  • Identify the type of governance and management support needed to sustain a formal insider threat program

Materials

This course is presented in the form of video instruction presented by experts from the CERT Insider Threat Center. Self-assessments following each topic presented assist with comprehension of the subject matter. Learners will also be able to access additional resources related to the subject matter and a downloadable copy of the course presentation slides.

Register for This Course Only

Register for E-Learning

Pricing: $500

Delivery Mode: The CERT STEPfwd (Simulation, Training, and Exercise Platform) is a flexible, multi-media, e-learning environment that you can access anywhere, anytime. System Requirements for CERT STEPfwd are as follows:

  • Operating Systems: Windows 98 / NT 4.0 / Windows 2000 / Windows XP / Windows Vista / Windows 7 / Mac OS X
  • Web browsers: Internet Explorer 7+ or Firefox 3+
  • Adobe Flash version 10+ (for Lecture and Demo access)
  • JRE Version 6+ (for lab access)
  • Computer system and network settings that allow access to streaming video from internet sources
  • Minimum client resolution of 1280x1024 to enable proper Video and Lab Player display
  • Internet connection of 384 Kbps or greater (to sustain downloads with no more than 230 ms of latency). STEPfwd does not currently support off-line viewing or content download

Insider Threat Program Manager: Implementation and Operation

Description

This 3-day classroom course builds upon the initial concepts presented in the prerequisite courses Insider Threat Overview: Preventing, Detecting, and Responding to Insider Threats and Building an Insider Threat Program. The course presents a process roadmap that can be followed to build the various parts of a robust Insider Threat Program. It discusses various techniques and methods to develop, implement, and operate program components.

Course methods include lecture, group exercises, and scenario completion.

Please note that successful completion of this course is a required component of the Insider Threat Program Manager Certificate Program. This course is also recommended for anyone pursing the certificates for the Insider Threat Vulnerability Assessor or Insider Threat Program Evaluator, but is not required.

Prerequisites

Before taking this course, participants who are completing the Insider Threat Program Manager Certificate Program must first take these courses:

  • Insider Threat Overview: Preventing, Detecting, and Responding to Insider Threats
  • Building an Insider Threat Program

Topics

  • Building the Insider Threat Program Framework
  • Developing an enterprise-wide approach and interdisciplinary project team
  • Building or enhancing policies and processes to include insider threat program considerations
  • Identifying critical asset and protection needs
  • Identifying risks to assets from insiders and enhancing any risk management program to take into account risks from insiders
  • Enhancing organizational training and awareness programs to include insider threat
  • Enhancing organizational infrastructures to support the Insider Threat Program by determining what defenses are needed, and where enhancements are necessary
  • Building the data collection and analysis function for both technical and behavioral data
  • Identifying data sources and priorities
  • Building a Roadmap for implementation
  • Considerations for operations
  • Future improvements to the program

Objectives

At the completion of the course, learners will be able to

  • Identify critical assets and protection schemes
  • Coordinate a cross-organizational team to help develop and implement the Insider Threat Program
  • Develop a framework for their Insider Threat Program
  • Identify methods to gain management support and sponsorship
  • Plan the implementation for their Insider Threat Program
  • Identify organizational policies and processes that require enhancement to accommodate insider threat components
  • Identify data sources and priorities for data collection
  • Identify infrastructure changes and enhancements necessary for implementing and supporting an Insider Threat Program
  • Outline operational considerations and requirements need to implement the program
  • Build policies and processes to help hire the right staff, develop an organizational culture of security
  • Improve organizational security awareness training
  • Identify training competencies for insider threat team staff

Materials

Participants will receive a course notebook, case studies and a CD containing the course and supplemental materials.

Schedule

This 3-day course meets at the following times:

Days 1-3
8:30 a.m. - 4:30 p.m.

Register for This Course Only

Select a date to register for this classroom course in Arlington, Virginia:

Jan 23-25, 2018 - Arlington, VA

Mar 13-15, 2018 - Arlington, VA

May 22-24, 2018 - Arlington, VA

Jul 24-26, 2018 - Arlington, VA

Sep 25-27, 2018 - Arlington, VA

Nov 14-16, 2018 - Arlington, VA

Pricing

$2,250 - U.S. Government/Academia
$2,650 - U.S. Industry
$3,150 - International

Delivery Mode: Classroom

Insider Threat Program Manager Certificate Exam

To ensure continued excellence in Insider Threat program development, implementation, and operation, the SEI objectively validates the student's understanding and eligibility to receive the Insider Threat Program Manager (ITPM) Certificate. This validation exam is required for insider threat program managers who wish to pursue the Insider Threat Program Manager Certificate.

The certificate exam evaluates the student's comprehension of insider threat planning, identification and responsibilities of internal and external stakeholders, components of an insider threat program, insider threat team development, strategies for effective communication of the program, and effective implementation and operation of the program within the organization.

The exam consists of 65 multiple choice questions. Each question has either four or five possible answers, only one of which is correct.

Learners can begin the online exam at any time. Once the examination is started, the learner will have 6 total hours to complete the examination.

Prerequisites

Before registering for this exam, participants must complete these prerequisite courses:

  • Insider Threat Overview: Preventing, Detecting, and Responding to Insider Threats
  • Building an Insider Threat Program
  • Insider Threat Program Manager: Implementation and Operation

Topics

  • Insider Threat definitions, issues, and types
  • Severity and impact of insider threat activity
  • Fraud: examples, dynamics, technical aspects, and countermeasures
  • Theft of Intellectual Property: examples, dynamics, exfiltration, and mitigation
  • Unintentional Insider Threat
  • Insider Threat Prevention, Detection, and Mitigation Strategies
  • Components of an Insider Threat Program
  • Requirements for a formal program
  • Oversight of program compliance and effectiveness
  • Integration with enterprise risk managementPrevention, detention and response infrastructure
  • Confidential reporting procedures and mechanisms
  • Building the Insider Threat Program Framework
  • Developing an enterprise-wide approach and interdisciplinary project team
  • Building or enhancing policies and processes to include insider threat program considerations
  • Identifying critical asset and protection needs
  • Identifying risks to assets from insiders and enhancing any risk management program to take into account risks from insiders
  • Enhancing organizational training and awareness programs to include insider threat
  • Enhancing organizational infrastructures to support the Insider Threat Program by determining what defenses are needed, and where enhancements are necessary
  • Building the data collection and analysis function for both technical and behavioral data
  • Identifying data sources and priorities
  • Building a roadmap for implementation
  • Considerations for operations
  • Future improvements to the program

Objectives

Participants must achieve a minimum passing score of 80% for the Insider Threat Program Manager Certificate.

Materials

The exam is based on information found in the prerequisite courses Insider Threat Overview: Preventing, Detecting, and Responding to Insider Threats, Building an Insider Threat Program, and Threat Program Manager: Implementation and Operation. You may reference the course material as needed. Please keep in mind that the test will conclude after 6 total hours regardless of the number of questions answered.

Register for the Exam Only

Register

Pricing: $250

Delivery Mode: This examination is offered via the SEI Learning Portal, which has the following system requirements:

  • Operating Systems: Windows 98 / NT 4.0 / Windows 2000 / Windows XP / Windows Vista / Windows 7 / Mac OS X
  • Browsers: Microsoft Internet Explorer 5.5 or above / Mozilla Firefox
  • Configure your browser to allow pop-ups from this site
  • Explorer: Tools/Internet Options/Privacy
  • Firefox: Tools/Options/Content

Training courses provided by the SEI are not academic courses for academic credit toward a degree. Any certificates provided are evidence of the completion of the courses and are not official academic credentials.