Sub Navigation:

• Australia
  • Global Heinz
  • Public Policy Management (MSPPM)
  • Information Technology (MSIT)
  • Advanced Education Program
    • Software Engineering Institute (SEI)
      • Fundamentals of Incident Handling
      • Insider Threat Workshop
      • Introduction to the CERT Resilience Management Model
  • FUTURESPEAK
  • About Carnegie Mellon University - Australia
  • Faculty & Research
  • Alumni
  • Employers
  • Students
  • Directories
  • Tour Online
  • Student Papers
  • Open Technology Foundation (OTF)
  • [NEWS MAKERS]
  • Information Sessions

Secondary Navigation:

• About Carnegie Mellon University - Australia
• GLOBAL HEINZ
• Faculty & Research
• Alumni
• EMPLOYERS
• Students

Breadcrumb Navigation:

Home>Australia>Advanced Education Program>Software Engineering Institute (SEI)>Insider Threat Workshop

Insider Threat Workshop

The CERT Program at Carnegie Mellon University's Software Engineering Institute has been researching insider threats since 2002. We have compiled a database containing hundreds of actual insider threat cases. Our insider threat research focuses on both technical and behavioral aspects of actual compromises; our goal is to raise awareness of the risks of insider threat and to help identify the factors influencing an insider's decision to act, the indicators and precursors of malicious acts, and the countermeasures that will improve the survivability and resiliency of the organisation.

We have combined all of our work into a two day workshop on insider threat. The workshop consists of presentations and interactive exercises in which participants are led through portions of the CERT insider threat assessment instrument, which was developed to enable organizations to assess their insider threat risk. The assessment addresses technical, organisational, personnel, security, and process issues. The purpose of the exercises is to assist participants in assessing their own organization's vulnerability to insider threat in specific areas of concern. Our goal is that participants leave the workshop with actionable steps that they can take to better manage the risk of insider threat in their organisation.

Who should attend?

The target audience is managers, leaders, directors, and chief executives across all facets of the organisation including IT, HR, Legal, Physical Security, and Operations. The workshop will benefit team leaders, project managers, business managers, financial managers, security officers, risk officers, C-Level managers and anyone else responsible for creating, implementing, enforcing, and auditing practices and procedures throughout the organisation.

Topics 

• Overview of Insider Threats
• Insider IT Sabotage
• Insider Theft of Information (e.g. Industrial Espionage)
• Insider Fraud
• Insider Threats in the Software Development Life
• Cycle
• Best Practices for Prevention and Detection

Objectives

• Attendees will leave the workshop with actionable steps that they can take to better manage the risk of insider threat in their organisation.
• Attendees will understand the motivation, characteristics of insiders, behavioral and technical precursors, and technical aspects of insider fraud, theft of confidential or sensitive information, and IT sabotage.
• Attendees will understand the best practices that can be implemented to prevent insider incidents or detect them as early as possible.
• Attendees will know what "observables" they should be looking for within their own organisations that could indicate a pending insider attack.

 Prerequisites

There are no prerequisites for this course.

Materials

Participants will receive a course notebook, case studies and a CD containing the course and supplemental materials.

Schedule

The course runs from Monday 28 - Tuesday 29 May 2012 between 9:00am - 5:00pm. Meals provided daily.

Register

To register your interest in this course please contact us at admissions@cmu.edu.au or Download flyer and registration form.