Software Engineering Institute

August 7, 2023—The Software Engineering Institute’s CERT Division will hold its Insider Risk Management Symposium in person on September 14 at the Cooperative Plaza Conference Center in Arlington, Virginia. The tenth annual symposium will reflect on a decade of insider threat research and practice and look forward to gain perspectives on how to make best practices for insider risk management programs (IRMPs) persist within organizations. Registration for this free event is required.

The SEI defines insider threat as the potential for an individual who has or had authorized access to an organization’s critical assets to use their access, either maliciously or unintentionally, to act in a way that could negatively affect the organization. Insider risk is the impact and likelihood associated with the realization of an insider threat.

The theme for this year’s Insider Risk Management Symposium is “Institutionalizing the Fundamentals of Insider Risk Management.” Organizations must revisit the strategies for differentiating between one-off activities for IRMP planning and the foundational practices that must be periodically revisited to ensure the ever-changing insider risk landscape is effectively managed.

Technical, behavioral, and organizational factors influence insider risk, according to the SEI’s work with private- and public-sector organizations. A successful IRMP must be able to make risk-based decisions based on its own data.

The CERT Insider Risk Management Symposium gathers SEI researchers, as well as insider risk management practitioners from industry, government, and solutions providers, to share their challenges and successes experienced while establishing mature insider risk management processes in both public- and private-sector organizations.

Attendees will come away from the symposium with increased situational awareness of the latest insider threats, actionable recommendations for effectively managing insider risk from leading-edge practitioners, and an understanding of the most up-to-date tools and references available to the insider threat research and practitioner community.

Since 2001, the SEI has researched insider risk by gathering and analyzing more than 3,000 real-world insider incidents. Partnerships with federal government agencies and industry organizations have enabled the SEI to produce a broad body of knowledge on insider risk management, including best practices, webinars, courses and certificate programs, and blog posts.

The symposium coincides with National Insider Threat Awareness Month, sponsored by the Under Secretary of Defense for Intelligence and Security, the National Insider Threat Task Force, and the Defense Counterintelligence and Security Agency. The month-long campaign by the federal government and industry features events and materials to educate the workforce on deterring, detecting, and mitigating threats posed from trusted insiders.

Register to attend the free, in-person CERT Insider Risk Management Symposium 2023 in Arlington, Virginia.