BankInfoSecurity.com

The Evolving Insider Threat

Dawn Cappelli, Randy Trzeciak of CMU's Insider Threat Center


The Evolving Insider Threat

For more than a decade, Carnegie Mellon University's CERT Insider Threat Center has studied and mapped the various risks of fraud, sabotage and theft of intellectual property. But the landscape is changing, and the latest research offers new insights on managers who commit fraud, as well as innocent employees who are exploited by external agents.

See Also: The Evolution of Advanced Malware

In this video interview, Dawn Cappelli and Randy Trzeciak of the Insider Threat Center discuss:

  • Who typically commits insider crimes - and how;
  • How employees are being victimized from outside;
  • Why our critical infrastructure is at heightened risk.

Cappelli, CISSP, is Technical Manager of the Insider Threat Center and the Enterprise Threat and Vulnerability Management team in the CERT Program at Carnegie Mellon University's Software Engineering Institute. Her team's mission is to assist organizations in improving their security posture and incident response capability by researching technical threat areas; developing information security assessment methods and techniques; and providing information, solutions and training for preventing, detecting, and responding to illicit activity.

Trzeciak is currently a senior member of the technical staff at CERT. He is the technical team lead of the Insider Threat Research team; a team focusing on insider threat research; threat analysis and modeling; assessments; and training. Trzeciak has over 20 years experience in software engineering; database design, development, and maintenance; project management; and information security.

Follow Follow Tom Field on Twitter: @SecurityEditor






Security Agenda

RSA Conference Highlights and Insights

This compilation provides an overview of ISMG’s RSA 2014 coverage, from pre-event promotional materials to excerpts of our exclusive interviews.

Download Now
The State of Information Security

In this year's issue of Security Agenda, we explain why 2014 is finally the "The Year of Security."

Download Now





Latest Tweets and Mentions

Security Agenda

RSA Conference Highlights and Insights

This compilation provides an overview of ISMG’s RSA 2014 coverage, from pre-event promotional materials to excerpts of our exclusive interviews.

Download Now
The State of Information Security

In this year's issue of Security Agenda, we explain why 2014 is finally the "The Year of Security."

Download Now

close

Sign In

close

Create a FREE account

Tell us about yourself

(All Fields Required)

Create your user ID and password

Choose your subscription preferences

Select the Industries and Topics, Type of email content you would like to receive, and Region. (Leave all blank to receive none)

Step 1. Industries & Topics

Step 2. Choose Content

Step 3. Choose Region (s)

close
or
You'll have an opportunity to create your account later.
close
close
close