Randall F. Trzeciak
Software Engineering Institute
Randy Trzeciak is a senior member of the technical staff with CERT at the Software Engineering Institute (SEI), Carnegie Mellon University. He is a member of a team focusing on insider threat research, including insider threat studies being conducted with the U.S. Secret Service National Threat Assessment Center, the U.S. Department of Defense Personnel Security Research Center, and Carnegie Mellon’s CyLab. Trzeciak also is an adjunct professor at Carnegie Mellon’s H. John Heinz III School of Public Policy and Management. Prior to his position at CERT, Trzeciak managed the Management Information Systems team in the Information Technology Department at the SEI. Prior to working at the SEI, Trzeciak was a software engineer at the Carnegie Mellon Research Institute. He was a lead developer and database administrator at Computing Services at Carnegie Mellon. Trzeciak also worked for Software Technology, Inc. in Alexandria, Virginia. He holds an MS in Management from the University of Maryland and a BS in Management Information Systems and a BA in Business Administration from Geneva College.
Publications by Randall F. Trzeciak
-
Balanced Approaches to Insider Risk Management
September 08, 2021 • Webinar
Randall F. TrzeciakDaniel L. Costa
In this webcast, Randy Trzeciak and Dan Costa provide an overview of the ongoing research in this area, and answer questions about how the threat landscape continues to evolve, and what organizations can and should do to address insider threats.
watch -
Cyber Hygiene: Why the Fundamentals Matter
October 17, 2019 • Webinar
Matthew J. ButkovicRandall F. TrzeciakMatthew Trevors
In this webcast, as a part of National Cybersecurity Awareness Month, our experts provided an overview of the concept of cyber hygiene, which addresses simple sets of actions that users can take to help reduce cybersecurity risks.
watch -
Cyber Hygiene: Why the Fundamentals Matter
October 16, 2019 • Presentation
Matthew J. ButkovicMatthew TrevorsRandall F. Trzeciak
In this webcast, as a part of National Cybersecurity Awareness Month, our experts will provide an overview of the concept of cyber hygiene, which addresses simple sets of actions that users can take to help reduce cybersecurity risks.
read -
Insider Threats: Your Questions. Our Answers.
September 23, 2019 • Webinar
Matthew J. ButkovicRandall F. TrzeciakDaniel L. Costa
In this webcast, as a part of National Insider Threat Awareness Month, our experts provided an overview of the ongoing research in this area, and answered questions about how the threat landscape continues to evolve.
watch -
Common Sense Guide to Mitigating Insider Threats, Sixth Edition
February 27, 2019 • Technical Report
Michael C. TheisRandall F. TrzeciakDaniel L. Costa
The guide presents recommendations for mitigating insider threat based on the CERT Division's continued research and analysis of more than 1,500 insider threat cases.
read -
5 Best Practices for Preventing and Responding to Insider Threat
December 28, 2017 • Podcast
Randall F. Trzeciak
Randy Trzeciak, technical manager of the CERT National Insider Threat Center, discusses five best practices for preventing and responding to insider threat.
learn more -
Model-Driven Insider Threat Control Selection and Deployment
December 06, 2017 • Presentation
Randall F. TrzeciakDaniel L. Costa
This presentation discusses how organizations can identify, prioritize, and select appropriate security controls.
read -
SEI Cyber Minute: Insider Threats
April 19, 2017 • Video
Randall F. Trzeciak
Watch Randy Trzeciak in this SEI Cyber Minute as he discusses "Insider Threats".
watch -
Common Sense Guide to Mitigating Insider Threats, Fifth Edition
December 21, 2016 • Technical Report
Matthew L. CollinsMichael C. TheisRandall F. Trzeciak
Presents recommendations for mitigating insider threat based on CERT's continued research and analysis of over 1,000 cases.
read -
SEI Cyber Minute: Engaging Stakeholders on Insider Threat
August 10, 2016 • Video
Randall F. Trzeciak
Randy Trzeciak discusses "Engaging Stakeholders on Insider Threat."
watch -
How to Build an Effective Insider Threat Program to Comply With the New NISPOM Mandate
July 15, 2016 • Webinar
Randall F. Trzeciak
In this webinar, Randy Trzeciak, Technical Manager of the CERT Insider Threat Center, described the summary of new requirements mandated by NISPOM Change 2 and the impact it will have on DoD contracting organizations.
watch -
SEI Cyber Minute: Are You Vulnerable to Insider Threats?
July 06, 2016 • Video
Randall F. Trzeciak
Randy Trzeciak discusses "Are You Vulnerable to Insider Threats?"
watch -
Effective Insider Threat Programs: Understanding and Avoiding Potential Pitfalls
October 16, 2015 • White Paper
Andrew P. MooreWilliam E. NovakMatthew L. Collins
In this paper, the authors describe the potential ways an insider threat program (InTP) could go wrong and to engage the community to discuss its concerns.
read -
Insider Threats in the Software Development Life Cycle
November 05, 2014 • Presentation
Daniel L. CostaRandall F. Trzeciak
This TSP Symposium 2014 presentation uncovers patterns from cases in which insiders exploited vulnerabilities in software development processes to harm their organizations.
read -
International Implementation of Best Practices for Mitigating Insider Threat: Analyses for India and Germany
April 16, 2014 • Technical Report
Lori FlynnCarly L. HuthPalma Buttles-Valdez
This report analyzes insider threat mitigation in India and Germany, using the new framework for international cybersecurity analysis described in the paper titled “Best Practices Against Insider Threats in All Nations.”
read -
Spotlight On: Programmers as Malicious Insiders–Updated and Revised
December 02, 2013 • White Paper
Matthew L. CollinsDawn CappelliThomas C. Caron (John Heinz III College, School of Information Systems Management, Carnegie Mellon University)
In this paper, the authors describe the who, what, when, where, and how of attacks by insiders using programming techniques and includes case examples.
read -
Panel Discussion: Managing the Insider Threat: What Every Organization Should Know
November 07, 2013 • Webinar
Robert FloodeenWilliam R. ClaycombAndrew P. Moore
In this webinar, a watch panel discusses Managing the Insider Threat: What Every Organization Should Know.
watch -
Illicit Cyber Activity Involving Fraud
November 07, 2013 • Webinar
Randall F. Trzeciak
In this webinar, Randy Trzeciak discusses a study to develop insights and risk indicators related to malicious insider activity in the banking and finance sector.
watch -
Overview of the Threat Posed by Insiders to Critical Assets
November 05, 2013 • Webinar
Randall F. TrzeciakDave Mundie
In this 2013 webinar, Randy Trzeciak and David Mundie discuss the challenges organizations face as they try to address insider threat.
watch -
Best Practices Against Insider Threats in All Nations
August 27, 2013 • Technical Note
Lori FlynnCarly L. HuthRandall F. Trzeciak
In this report, the authors summarize best practices for mitigating insider threats in international contexts.
read -
Spotlight On: Insider Theft of Intellectual Property Inside the United States Involving Foreign Governments or Organizations (2013)
May 20, 2013 • Technical Note
Matthew L. CollinsDerrick SpoonerDawn Cappelli
In this report, the authors provide a snapshot of individuals involved in insider threat cases and recommends how to mitigate the risk of similar incidents.
read -
Analyzing Cases of Resilience Success and Failure - A Research Study
December 01, 2012 • Technical Note
Julia H. AllenPamela D. CurtisAndrew P. Moore
In this report, the authors describe research aimed at helping organizations to know the business value of implementing resilience processes and practices.
read -
Common Sense Guide to Mitigating Insider Threats, Fourth Edition
December 01, 2012 • Technical Report
George SilowashDawn CappelliAndrew P. Moore
In this report, the authors define insider threats and outline current insider threat patterns and trends.
read -
Best Practices Against Insider Threats in All Nations
October 30, 2012 • Conference Paper
Lori FlynnCarly L. HuthRandall F. Trzeciak
In this paper, the authors summarize best practices for mitigating insider threats in international contexts.
read -
Spotlight On: Insider Threat from Trusted Business Partners Version 2: Updated and Revised
October 01, 2012 • White Paper
Todd LewellenAndrew P. MooreDawn Cappelli
In this article, the authors focus on cases in which the malicious insider was employed by a trusted business partner of the victim organization.
read -
Insider Threat Study: Illicit Cyber Activity Involving Fraud in the U.S. Financial Services Sector
July 01, 2012 • Special Report
Adam CummingsTodd LewellenDavid McIntire
In this report, the authors describe insights and risk indicators of malicious insider activity in the banking and finance sector.
read -
The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud)
January 24, 2012 • Book
Dawn M. CappelliAndrew P. MooreRandall F. Trzeciak
In this book, the authors present best practices for managing the security and survivability of people, information, technology, and facilities.
read -
A Preliminary Model of Insider Theft of Intellectual Property
June 01, 2011 • Technical Note
Andrew P. MooreDawn CappelliThomas C. Caron (John Heinz III College, School of Information Systems Management, Carnegie Mellon University)
In this report, the authors describe general observations about and a preliminary system dynamics model of insider crime based on our empirical data.
read -
An Analysis of Technical Observations in Insider Theft of Intellectual Property Cases
February 01, 2011 • Technical Note
Michael HanleyTyler DeanWill Schroeder
In this report, the authors provide an overview of techniques used by malicious insiders to steal intellectual property.
read -
The Key to Successful Monitoring for Detection of Insider Attacks
October 21, 2010 • Presentation
Dawn CappelliRandall F. TrzeciakRobert Floodeen
In this presentation, Software Engineering Institute researchers show how to detect insider threats successfully by monitoring and auditing network activity.
read -
Spotlight On: Insider Threat from Trusted Business Partners
February 01, 2010 • White Paper
Robert Weiland (Carnegie Mellon University)Andrew P. MooreDawn Cappelli
In this report, the authors focus on cases in which the insider was employed by a trusted business partner of the victim organization.
read -
Mitigating Insider Threat: New and Improved Practices
August 18, 2009 • Podcast
Dawn CappelliRandall F. TrzeciakAndrew P. Moore
Two hundred and eighty-two cases of actual insider attacks suggest 16 best practices for preventing and detecting insider threat.
learn more -
Insider Theft of Intellectual Property for Business Advantage: A Preliminary Model
July 20, 2009 • White Paper
Andrew P. MooreDawn CappelliThomas C. Caron (John Heinz III College, School of Information Systems Management, Carnegie Mellon University)
In this paper, the authors describe general observations about, and a preliminary system dynamics model of, insider crime based on our empirical data.
read -
Spotlight On: Insider Theft of Intellectual Property Inside the United States Involving Foreign Governments or Organizations (2009)
June 01, 2009 • White Paper
Derrick SpoonerDawn CappelliAndrew P. Moore
In this report, the authors focus on employees, contractors, and business partners who stole intellectual property to benefit a foreign entity.
read -
Best Practices For Mitigating Insider Threat: Lessons Learned From 250 Cases
April 20, 2009 • Presentation
Dawn CappelliRandall F. Trzeciak
In this presentation, Dawn Cappelli and Randy Trzeciak describe sixteen best practices for mitigating insider threats.
read -
Spotlight On: Malicious Insiders with Ties to the Internet Underground Community
March 01, 2009 • White Paper
Michael HanleyAndrew P. MooreDawn Cappelli
In this report, the authors focus on insider threat cases in which the insider had relationships with the internet underground community.
read -
Common Sense Guide to Prevention and Detection of Insider Threats 3rd Edition – Version 3.1
January 01, 2009 • White Paper
Dawn CappelliAndrew P. MooreRandall F. Trzeciak
In this paper, the authors present findings from examining insider crimes in a new way and add new practices that were not present in the second edition.
read -
Spotlight On: Programming Techniques Used as an Insider Attack Tool
December 01, 2008 • White Paper
Dawn CappelliThomas C. Caron (John Heinz III College, School of Information Systems Management, Carnegie Mellon University)Randall F. Trzeciak
In this report, the authors focus on persons who use programming techniques to commit malicious acts against their organizations.
read -
The "Big Picture" of Insider IT Sabotage Across U.S. Critical Infrastructures
May 01, 2008 • Technical Report
Andrew P. MooreDawn CappelliRandall F. Trzeciak
In this report, the authors describe seven observations about insider IT sabotage based on their empirical data and study findings.
read -
Comparing Insider IT Sabotage and Espionage: A Model-Based Analysis
December 01, 2006 • Technical Report
Stephen R. Band (Counterintelligence Field Activity - Behavioral Science Directorate)Dawn CappelliLynn F. Fischer
In this report, the authors examine the psychological, technical, organizational, and contextual factors that contribute to espionage and insider sabotage.
read -
Insider Threats in the SDLC: Lessons Learned from Actual Incidents of Fraud, Theft of Sensitive Information and IT Sabotage
January 01, 2006 • Presentation
Dawn CappelliRandall F. TrzeciakAndrew P. Moore
In this 2006 presentation, the authors describe the lessons they learned from real-world fraud, theft, and sabotage incidents.
read -
Insider Threats in the SDLC
January 01, 2006 • Presentation
Dawn CappelliAndrew P. MooreRandall F. Trzeciak
This presentation on insider threats in the SDLC was delivered by Dawn Cappelli, Andrew P. Moore, and Randy Trzeciak of the Software Engineering Institute's CERT Program in 2006.
read