search menu icon-carat-right cmu-wordmark

Institutionalizing the Fundamentals of Insider Risk Management

In this webcast, Dan Costa identifies themes of best practices observed over two decades of researching insider threat.

Software Engineering Institute



Insider threats pose an enduring, ever-evolving risk to an organization’s critical assets that require enterprise-wide participation to manage effectively. Many organizations struggle to make critical tasks in insider risk management “stick,” relying on several crutches to drive temporary organizational change, only to see those changes come undone and have incidents slip through the cracks. In this webcast, Dan Costa discusses those crutches and identifies themes of best practices observed over two decade of researching insider threat and building insider risk management programs that organizations can use to institutionalize key components of effective insider risk management.

What attendees will learn:

  • How to identify drivers of change to an organization’s insider risk posture
  • How to differentiate between one-time and routine activities in the planning and implementation of an insider risk management program
  • How to measure the maturity of those routine activities

About the Speaker