The CERT Insider Threat Center will present a framework for organizations to consider as they first attempt to identify insider threats to critical assets and second as they develop, implement and measure the effectiveness of technical and nontechnical controls and detection capabilities. Actual incidents of insider harm will be presented to demonstrate control development using the framework.
Learning Objectives: 1: Learn the importance of using an empirically based framework for threat mitigation. 2: Receive an overview of technical and nontechncial data sources for anomoly detection. 3: Learn to implement management, operational and techncial controls to mitigate threats.