Balanced Approaches to Insider Risk Management
September 2021 • Webinar
In this webcast, Randy Trzeciak and Dan Costa provide an overview of the ongoing research in this area, and answer questions about how the threat landscape continues to evolve, and what organizations can and should do to address insider threats.
Software Engineering Institute
Misuse of authorized access to an organization’s critical assets is a significant concern for organizations of all sizes, missions, and industries. We at the CERT National Insider Threat Center have been collecting and analyzing data on incidents involving malicious and unintentional insider since 2001, and have worked with numerous organizations across government, industry, and academia to develop and validate controls and best practices to address these concerns.
In this webcast, as a part of National Insider Threat Awareness Month, our experts provided an overview of the ongoing research in this area, and answered questions about how the threat landscape continues to evolve, and what organizations can and should do to address insider threats.
What Attendees Will Learn:
- The complexities of insider risk management and strategies for effectively balancing insider risk management program operations across the dimensions of people, organization, and management.
- The latest findings from the CERT National Insider Threat Center’s research into the different types of insider incidents – motivations, vulnerabilities, and common attack paths
- The changing landscape of insider threat and a look into the future
- The newest best practices and other resource that are available through the CERT National Insider Threat Center
About the Speaker
Randy Trzeciak is a senior member of the technical staff with CERT at the Software Engineering Institute (SEI), Carnegie Mellon University. He is a member of a team focusing on insider threat research, ...
Randy Trzeciak is a senior member of the technical staff with CERT at the Software Engineering Institute (SEI), Carnegie Mellon University. He is a member of a team focusing on insider threat research, including insider threat studies being conducted with the U.S. Secret Service National Threat Assessment Center, the U.S. Department of Defense Personnel Security Research Center, and Carnegie Mellon’s CyLab. Trzeciak also is an adjunct professor at Carnegie Mellon’s H. John Heinz III School of Public Policy and Management. Prior to his position at CERT, Trzeciak managed the Management Information Systems team in the Information Technology Department at the SEI. Prior to working at the SEI, Trzeciak was a software engineer at the Carnegie Mellon Research Institute. He was a lead developer and database administrator at Computing Services at Carnegie Mellon. Trzeciak also worked for Software Technology, Inc. in Alexandria, Virginia. He holds an MS in Management from the University of Maryland and a BS in Management Information Systems and a BA in Business Administration from Geneva College.