Balanced Approaches to Insider Risk Management
Software Engineering Institute
Misuse of authorized access to an organization’s critical assets is a significant concern for organizations of all sizes, missions, and industries. We at the CERT National Insider Threat Center have been collecting and analyzing data on incidents involving malicious and unintentional insider since 2001, and have worked with numerous organizations across government, industry, and academia to develop and validate controls and best practices to address these concerns.
In this webcast, as a part of National Insider Threat Awareness Month, our experts provided an overview of the ongoing research in this area, and answered questions about how the threat landscape continues to evolve, and what organizations can and should do to address insider threats.
What Attendees Will Learn:
- The complexities of insider risk management and strategies for effectively balancing insider risk management program operations across the dimensions of people, organization, and management.
- The latest findings from the CERT National Insider Threat Center’s research into the different types of insider incidents – motivations, vulnerabilities, and common attack paths
- The changing landscape of insider threat and a look into the future
- The newest best practices and other resource that are available through the CERT National Insider Threat Center
About the Speaker
Randy Trzeciak is a senior member of the technical staff with CERT at the Software Engineering Institute (SEI), Carnegie Mellon University. He is a member of a team focusing on insider threat research, including insider threat studies being conducted with the U.S. Secret Service National Threat Assessment Center, the U.S. …Read more