Building an Insider Threat Program
This seven (7) hour online course provides a thorough understanding of the organizational models for an insider threat program, the necessary components to have an effective program, the key stakeholders who need to be involved in the process, and basic education on the implementation and guidance of the program.
This training is based upon the research of the CERT Insider Threat Center of the Software Engineering Institute. The CERT Insider Threat Center has been researching this problem since 2001 in partnership with the U.S. Department of Defense (DoD), the Department of Homeland Security, the U.S. Secret Service, other federal agencies, the intelligence community, private industry, academia, and the vendor community. This training course supports organizations implementing and managing insider threat detection and prevention programs based on various government mandates or guidance including: Presidential Executive Order 13587, the National Insider Threat Policy and Minimum Standards, and proposed changes set forth in the National Industrial Security Program Operating Manual (NISPOM).
Please note that successful completion of this course is a required component of the Insider Threat Program Manager, Insider Threat Vulnerability Assessor, and Insider Threat Program Evaluator Certificate Programs. To learn more about these certificates and package pricing for the courses, please go to: SEI Certificates.
- Insider Threat Program Team Members
- Insider Threat Program Managers
At the completion of the course, learners will be able to:
- State the key components and principles of a formalized insider threat program
- Identify the critical organizational entities that must participate in the development, implementation, and operation of the program
- Begin or enhance their strategic planning for developing and implementing a formalized insider threat program
- Create an implementation plan and roll-out
- Identify the type of staff and skills needed as part of the insider threat program operational team
- Identify the types of policies and procedures needed to institutionalize the insider threat program
- Identify existing organizational policies and procedures which require enhancement to support the insider threat program activities
- Determine the types of infrastructure requirements needed to support the insider threat program operations
- Identify the type of governance and management support needed to sustain a formal insider threat program
This online course contains seven (7) hours of video instruction presented by experts from the CERT Insider Threat Center. Additionally, the course includes questions to confirm and reinforce your understanding of the concepts presented. The topics you will study are:
- Components of an Insider Threat Program
- Requirements for a formal program
- Organization-wide participation
- Oversight of program compliance and effectiveness
- Integration with enterprise risk management
- Prevention, detention and response infrastructure
- Insider Threat training and awareness
- Confidential reporting procedures and mechanisms
Learners will have one year to complete the course. Upon completing all course elements, the learner is awarded an electronic certificate of course completion.
This course is presented in the form of video instruction presented by experts from the CERT Insider Threat Center. Self-assessments following each topic presented assist with comprehension of the subject matter. Learners will also be able to access additional resources related to the subject matter and a downloadable copy of the course presentation slides.
There are no prerequisites for this course; however, students are strongly advised to first study the Overview of Insider Threat Concepts and Activities course to insure a thorough understanding of the course content.
To access the SEI Learning Portal, your computer must have the following:
- For optimum viewing, we recommend using the following browsers: Microsoft Edge, Mozilla Firefox, Google Chrome, Safari
- These browsers are supported on the following operating systems: Microsoft Windows 8 (or higher), OSX (Last two major releases), Most Linux Distributions
- Mobile Operating Systems: iOS 9, Android 6.0
- Microsoft Edge, Firefox, Chrome and Safari follow a continuous release policy that makes difficult to fix a minimum version. For this reason, following the market recommendation we will support the last 2 major version of each of these browsers. Please note that as of January 2018, we do not support Safari on Windows.
This three (3) hour online course provides a thorough understanding of insider threat terminology, identifies different types of insider threats, teaches how to recognize both technical and behavioral indicators and outlines mitigation strategies. This instruction is based upon the research of the CERT National Insider Threat Center (NITC) of the...
3 - Day Course
This three day course builds upon the initial concepts presented in the prerequisite courses Overview of Insider Threat Concepts and Activities and Building an Insider Threat Program. The course presents a process roadmap that can be followed to build the various parts of a robust Insider Threat Program. It discusses various techniques and methods...
Training courses provided by the SEI are not academic courses for academic credit toward a degree. Any certificates provided are evidence of the completion of the courses and are not official academic credentials. For more information about SEI training courses, see Registration Terms and Conditions and Confidentiality of Course Records.