A Framework to Effectively Develop Insider Threat Controls

Posted on in Presentations

The CERT Insider Threat Center will present a framework for organizations to consider as they first attempt to identify insider threats to critical assets and second as they develop, implement and measure the effectiveness of technical and nontechnical controls and detection capabilities. Actual incidents of insider harm will be presented to demonstrate control development using the framework.

Learning Objectives:
1: Learn the importance of using an empirically based framework for threat mitigation.
2: Receive an overview of technical and nontechncial data sources for anomoly detection.
3: Learn to implement management, operational and techncial controls to mitigate threats.

Daniel Costa


Technical Lead – Insider Threat Technical Solutions, CERT Division at Software Engineering Institute, Carnegie Mellon University

Randy Trzeciak


Technical Director, Carnegie Mellon Software Engineering Institute

Analytics Intelligence & Response

data security insider threats security operations threat management data loss prevention



Share With Your Community