Video

The Evolving Insider Threat

Dawn Cappelli, Randy Trzeciak of CMU's Insider Threat Center
The Evolving Insider Threat

For more than a decade, Carnegie Mellon University's CERT Insider Threat Center has studied and mapped the various risks of fraud, sabotage and theft of intellectual property. But the landscape is changing, and the latest research offers new insights on managers who commit fraud, as well as innocent employees who are exploited by external agents.

See Also: 2017 Predictions on Data Security: Insights on Important Trends in Security for the Banking Industry

In this video interview, Dawn Cappelli and Randy Trzeciak of the Insider Threat Center discuss:

  • Who typically commits insider crimes - and how;
  • How employees are being victimized from outside;
  • Why our critical infrastructure is at heightened risk.

Cappelli, CISSP, is Technical Manager of the Insider Threat Center and the Enterprise Threat and Vulnerability Management team in the CERT Program at Carnegie Mellon University's Software Engineering Institute. Her team's mission is to assist organizations in improving their security posture and incident response capability by researching technical threat areas; developing information security assessment methods and techniques; and providing information, solutions and training for preventing, detecting, and responding to illicit activity.

Trzeciak is currently a senior member of the technical staff at CERT. He is the technical team lead of the Insider Threat Research team; a team focusing on insider threat research; threat analysis and modeling; assessments; and training. Trzeciak has over 20 years experience in software engineering; database design, development, and maintenance; project management; and information security.


About the Author

Tom Field

Tom Field

Vice President - Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its diverse cadre of senior-level editors and reporters. He also helped to develop and lead ISMG's award-winning Summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.




Around the Network