For the past decade, members of the CERT Insider Threat Center have been researching insider threat, conducting assessments of organizations, and presenting workshops. We also have a database of more than 550 actual insider threat cases, from which we have extracted a list of technical and non-technical methods used by malicious insiders, including current and former employees, contractors, and business partners.
The Customized Insider Threat Executive Workshop is based on the standard Insider Threat Workshop, and it focuses explicitly on an organization’s specific needs and objectives. The workshop leverages our expertise in the field of insider threat to assess an organization’s own experiences with malicious insider activity, existing security controls, business processes, and unique organizational culture. The end result is a strategic action plan, developed with our guidance and created and endorsed by senior leadership. The organization can immediately implement this plan after the workshop to address and mitigate the risk of insider threat.