Insider Threat Vulnerability Assessor Certificate

The Insider Threat Vulnerability Assessor (ITVA) Certificate program enables assessors to help organizations gain a better understanding of their insider threat risk and an enhanced ability to identify and manage associated risks. The assessment methodology assists organizations by measuring how prepared they are to prevent, detect, and respond to the insider threat. Organizations will have the ability to license the CERT Insider Threat Vulnerability Assessment tool for internal use or to assess others for potential vulnerabilities.

Learners will have one year to complete each certificate component. Upon completing all certificate components, the learner is awarded an electronic certificate of completion.

Who Should Attend?

Insider Threat Program Managers* who wish to gain additional knowledge to support their efforts in the development and operation of their insider threat programs

Those interested in licensing** the CERT methodology and tools to perform insider threat vulnerability assessments within their organization or in other organizations

* Please note that in order to complete the Insider Threat Vulnerability Assessor (ITVA) training course, both non-licensee Insider Threat Program Managers and candidate assessors must sign an acknowledgement that the CERT assessment toolkit and intellectual property is restricted.

**Please note that candidate assessors who wish to license the CERT assessment toolkit must be sponsored by an approved SEI Partner organization. SEI Partner organizations provide SEI-based services through sponsored individuals who hold SEI Certificates. For more information on how to become an SEI Partner organization and associated fees, please refer to Certification Opportunities > Insider Threat Vulnerability Assessor.

Package

Save by register for all four certificate components at once:

$3000 - U.S. Government/Academia
$3500 - U.S. Industry
$4000 - International

The package option includes all components necessary to obtain the ITVA Certificate. Choose the date for the classroom component (Insider Threat Vulnerability Assessor Training) to register for the package:

Each of the above price options is available at one of the following offerings:

Register for Package (April 19-21, 2017 - Arlington, VA)

Register for Package (July 25-27, 2017 - Arlington, VA)

Register for Package (October 24-26, 2017 - Arlington, VA)

Training courses provided by the SEI are not academic courses for academic credit toward a degree. Any certificates provided are evidence of the completion of the courses and are not official academic credentials.

Components

Insider Threat Overview: Preventing, Detecting, and Responding to Insider Threats

E-Learning

This 5-hour course provides a deeper understanding of insider threat terminology, identifies the different types of insider threats, teaches how to recognize both technical and behavioral indicators, and outlines mitigation strategies.

Learn more about:

Prerequisites
Topics
Objectives
Materials
System Requirements

Register $350

Insider Threat Vulnerability Assessor Training

Classroom

This 3-day course develops the skills and competencies necessary to perform an insider threat vulnerability assessment of an organization.

Learn more about:

Prerequisites
Topics
Objectives
Materials
Schedule

Pricing

$2,250 - U.S. Government/Academia
$2,650 - U.S. Industry
$3,150 - International

Dates

Choose a date to register :

Register April 19-21, 2017 - Arlington, VA

Register July 25-27, 2017 - Arlington, VA

Register October 24-26, 2017 - Arlington, VA

Building an Insider Threat Program

E-Learning

This 7-hour course is to provide a thorough understanding of the organizational models for an insider threat program, the necessary components to have an effective program, the key stakeholders who need to be involved in the process, and basic education on the implementation and guidance of the program.

Learn more about:

Prerequisites
Topics
Objectives
Materials
System Requirements

Register $500

Insider Threat Vulnerability Assessor Examination

Online Exam

The Insider Threat Vulnerability Assessor (ITVA)  Examination evaluates a candidate assessor's comprehension of the CERT insider  threat assessment methodology.

After registering for the exam, Candidate Assessors can begin the online exam at any time.  Once the examination is started, the candidate assessor will have 24 hours to complete the examination.

Learn more about:

Prerequisites
Topics
Objectives
Materials
System Requirements

Register $250

Insider Threat Overview: Preventing, Detecting, and Responding to Insider Threats

E-Learning

This 5-hour online course provides a deeper understanding of insider threat terminology, identifies the different types of insider threats, teaches how to recognize both technical and behavioral indicators, and outlines mitigation strategies.

Please note that successful completion of this course is a required component of the Insider Threat Program Manager, Insider Threat Vulnerability Assessor, and Insider Threat Program Evaluator Certificate Programs.

Prerequisites

There are no prerequisites for this course.

Topics

This online course contains five (5) hours of video instruction presented by experts from the CERT Insider Threat Center. Additionally, the course includes questions to confirm and reinforce your understanding of the concepts presented. The topics you will study are:

  • Insider Threat definitions, issues, and types
  • Severity and impact of insider threat activity
  • Fraud: examples, dynamics, technical aspects, and countermeasures
  • Theft of Intellectual Property: examples, dynamics, exfiltration, and mitigation
  • Unintentional Insider Threat
  • Insider Threat Prevention, Detection, and Mitigation Strategies

Objectives

At the completion of the course, learners will be able to:

  • Define an Insider and threats they impose to critical assets
  • Recognize the difference between malicious versus unintentional insider threat
  • Recognize the most common types of insider threat
  • Identify the prevalence and damage caused by insider threat activity
  • Identify legislation enacted to help prevent insider threat
  • Describe the activity, behavioral and technical precursors, and characteristics of fraud and theft of intellectual property
  • Recognize and avoid unintentional insider threat
  • Recognize controls to potentially prevent insider attacks
  • Identify best practices for insider threat mitigation
  • Recognize the purpose of an Insider Threat Program

Materials

This course is presented in the form of video instruction presented by experts from the CERT Insider Threat Center. Self-assessments following each topic presented assist with comprehension of the subject matter. Learners will also be able to access additional resources related to the subject matter and a downloadable copy of the course presentation slides.

System Requirements

The CERT STEP (Simulation, Training, and Exercise Platform) is a flexible, multi-media, e-learning environment that you can access anywhere, anytime. To use STEP effectively, you need the following:

  • Operating Systems: Windows 98 / NT 4.0 / Windows 2000 / Windows XP / Windows Vista / Windows 7 / Mac OS X
  • Web browsers: Internet Explorer 7+ or Firefox 3+
  • Adobe Flash version 10+ (for Lecture and Demo access)
  • JRE Version 6+ (for lab access)
  • Computer system and network settings that allow access to streaming video from internet sources
  • Minimum client resolution of 1280x1024 to enable proper Video and Lab Player display
  • Internet connection of 384 Kbps or greater (to sustain downloads with no more than 230 ms of latency). STEP does not currently support off-line viewing or content download

Insider Threat Vulnerability Assessor Training

Classroom

This 3-day  course develops the skills and competencies necessary to perform an insider  threat vulnerability assessment of an organization.

This  training is based upon the research of the CERT Insider Threat Center of the  Software Engineering Institute. The CERT  Insider Threat Center has been researching the insider threat problem since  2001 in partnership with the Department of Defense, the Department of Homeland  Security, the U.S, Secret Service, other federal agencies, the intelligence  community, private industry, academia, and the vendor community.

The Insider  Threat Vulnerability Assessment helps organizations to

  • identify issues  impacting their insider threat risk
  • design and  implement tactical countermeasures
  • formulate a  strategic action plan for long-term risk mitigation

The  organizational vulnerabilities and corresponding processes for detection and  response that are assessed are based on actual cases and CERT'sresearch into  appropriate mitigations. Course participants will learn how to plan and execute  an assessment including developing the final evaluation report.

Please note  that successful completion of this course is a required component of the  Insider Threat Vulnerability Assessor (ITVA) Certificate.

Prerequisites

Participants  completing the Insider Threat Vulnerability Assessor Training Certificate must  take the prerequisite courses:

  • Insider Threat Overview: Preventing, Detecting, and Responding to Insider Threats
  • Building an Insider Threat Program

Please note that in order to attend the Insider Threat  Vulnerability Assessor Training course, students must sign  an acknowledgement that the CERT assessment toolkit and intellectual property  is restricted.

Students are  also strongly recommended to also take the Insider  Threat Program Implementation and Operation course to provide additional  background knowledge for the course, but this is not required.

Topics

The course covers topics such as:

  • ITVA  assessment methodology lifecycle: Planning, Pre-Assessment, On-site, and  Post-Assessment / Reporting
  • ITVA  workbook components: capabilities, levels of preparedness, indicators,  evidence, and scoring
  • Capability  areas: Data Owners, Human Resources, Legal, Physical Security, Information  Technology, Software Engineering, and Trusted Business Partners
  • ITVA  workbooks including
    • types:  (there are seven workbooks corresponding to the seven capability areas)
    • structure
    • use
  • Preparing  and planning for the assessment
  • Knowledge,  skills, and abilities required to perform the assessment
  • Building  a multi-disciplinary assessment team
  • Pre-assessment  activities including
    • completion  of pre-assessment spreadsheet by the assessed organization
    • determining  logistics
    • reviewing  organizational documentation
    • developing  a data collection plan
  • Using  Pre-assessment tools and templates
  • Performing  on-site data collection (interviews and observations)
  • Substantiating  and corroborating evidence for meeting indicators
  • Recording  and scoring data in the Joint Assessment Tool (JAT)
  • Developing  the assessment report
  • Completing  the assessment
  • Overview  of ITVA capabilities and indicators for each area/workbook

Objectives

At the completion of the course, learners will be able to:

  • Describe the  phases of the ITVA assessment process
  • Distinguish  between capabilities, levels, and indicators
  • Scope assessment  for particular critical assets or business processes
  • Identify  logistics that must be determined for an assessment
  • Plan and schedule  an assessment
  • Develop a data  collection plan
  • Review assessed  organization's submitted documentation to determine applicability as evidence  and map to related capabilities and indicators
  • Observe execution  or demonstration of activities during on-site to substantiate indicator performance
  • Interview  assessed organization's staff to corroborate performance of indicators
  • Enter evidence  into the Joint Assessment Tool (JAT)
  • Substantiate  evidence of indicators being met
  • Score  capabilities based on indicator verification
  • Record  substantiation of indicators and scores for capabilities in the JAT
  • Outline the main  sections of the assessment report
  • Write sections of  the assessment report
  • Defend results  presented in the assessment report

Materials

Course  methods include lecture, group exercises, and scenario completion. Participants  will receive a course notebook, case studies and a CD containing the course and  supplemental materials.

Schedule

This 3-day course meets at the following times:

Days 1-3

9:00 a.m. - 5:00 p.m.         

Building an Insider Threat Program

E-Learning

This 7-hour online course provides a thorough understanding of the organizational models for an insider threat program, the necessary components to have an effective program, the key stakeholders who need to be involved in the process, and basic education on the implementation and guidance of the program.

Please note that successful completion of this course is a required component of the Insider Threat Program Manager, Insider Threat Vulnerability Assessor, and Insider Threat Program Evaluator Certificate Programs.

Prerequisites

There are no prerequisites for this course. However, students are strongly advised to take Insider Threat Overview: Preventing, Detecting, and Responding to Insider Threats first to insure a thorough understanding of the course content.

Topics

This online course contains seven (7) hours of video instruction presented by experts from the CERT Insider Threat Center. Additionally, the course includes questions to confirm and reinforce your understanding of the concepts presented. The topics you will study are:

  • Components of an Insider Threat Program
  • Requirements for a formal program
  • Organization-wide participation
  • Oversight of program compliance and effectiveness
  • Integration with enterprise risk management
  • Prevention, detention and response infrastructure
  • Insider Threat training and awareness
  • Confidential reporting procedures and mechanisms

Learners will have one year to complete the course. Upon completing all course elements, the learner is awarded an electronic certificate of course completion.

Objectives

At the completion of the course, learners will be able to:

  • State the key components and principles of a formalized insider threat program
  • Identify the critical organizational entities that must participate in the development, implementation, and operation of the program
  • Begin or enhance their strategic planning for developing and implementing a formalized insider threat program
  • Create an implementation plan and roll-out
  • Identify the type of staff and skills needed as part of the insider threat program operational team
  • Identify the types of policies and procedures needed to institutionalize the insider threat program
  • Identify existing organizational policies and procedures which require enhancement to support the insider threat program activities
  • CMU SEI CERT Division Digital Library Blogs
  • Determine the types of infrastructure requirements needed to support the insider threat program operations
  • Identify the type of governance and management support needed to sustain a formal insider threat program

Materials

This course is presented in the form of video instruction presented by experts from the CERT Insider Threat Center. Self-assessments following each topic presented assist with comprehension of the subject matter. Learners will also be able to access additional resources related to the subject matter and a downloadable copy of the course presentation slides.

System Requirements

The CERT STEP (Simulation, Training, and Exercise Platform) is a flexible, multi-media, e-learning environment that you can access anywhere, anytime. To use STEP effectively, you need the following:

  • Operating Systems: Windows 98 / NT 4.0 / Windows 2000 / Windows XP / Windows Vista / Windows 7 / Mac OS X
  • Web browsers: Internet Explorer 7+ or Firefox 3+
  • Adobe Flash version 10+ (for Lecture and Demo access)
  • JRE Version 6+ (for lab access)
  • Computer system and network settings that allow access to streaming video from internet sources
  • Minimum client resolution of 1280x1024 to enable proper Video and Lab Player display
  • Internet connection of 384 Kbps or greater (to sustain downloads with no more than 230 ms of latency). STEP does not currently support off-line viewing or content download

Insider Threat Vulnerability Assessor Examination

Online Exam

To insure  the ability of a candidate assessor to identify and manage insider threat risk  within organizations, the Insider Threat Vulnerability Assessor (ITVA)  Examination evaluates a candidate assessor's comprehension of the CERT insider  threat assessment methodology.

The Insider  Threat Vulnerability Assessor Examination is an objective evaluation of your understanding  of the best practices for assessing Insider Threat risk. It is required for conferral of the Software  Engineering Institute's Insider Threat Vulnerability Assessor   Certificate.

After  registering for the exam, Candidate Assessors can begin the online exam at any  time. Once the examination is started,  the candidate assessor will have 24 hours to complete the examination.

Prerequisites

Before registering for this exam, participants must complete these prerequisite courses:

  • Insider Threat Overview: Preventing, Detecting, and Responding to Insider Threats
  • Building an Insider Threat Program
  • Insider Threat Vulnerability Assessor Training

Topics

The exam consists of 65 multiple choice questions. Each question has either four or five possible answers, only one of which is correct. The exam covers the following topic areas:

  • Insider Threat General Overview
  • Insider Threat definitions, issues, and types
  • Severity and impact of insider threat  activity
  • Unintentional Insider Threat
  • Insider Threat Prevention, Detection, and  Mitigation Strategies
  • Insider Threat Vulnerability Assessment  Methodology
  • Insider Threat Assessment phases
  • Insider Threat Assessment scope
  • Insider Threat Assessment capabilities and  scoring
  • Insider Threat Assessment capability areas  and focus areas
  • Insider Threat Assessment team roles and  responsibilities
  • Insider Threat Assessment team practices as  indicated in the ITA Software Engineering workbook guidance
  • Insider Threat Assessment processes as  indicated in the ITVA Data Owners workbook guidance
  • Insider Threat Joint Assessment Tool (JAT)

Objectives

Participants must achieve a minimum passing score of 80% for the Insider Threat Vulnerability  Assessor  Certificate.

Materials

The exam is based on instruction provided in the Insider Threat Overview: Preventing, Detecting, and Responding to Insider Threats, Building an Insider Threat Program, and Insider Threat Vulnerability Assessor Training.  You can reference the course materials as needed during the exam.  Please keep in mind that the test will conclude after 24 hours regardless of the number of questions answered.

System Requirements

To access the SEI Learning Portal, your computer must have the following:

  • Operating Systems: Windows 98 / NT 4.0 / Windows 2000 / Windows XP / Windows Vista / Windows 7 / Mac OS X
  • Browsers: Microsoft Internet Explorer 5.5 or above / Mozilla Firefox
  • Configure your browser to allow pop-ups from this site.
    Explorer: Tools > Internet Options > Privacy
    Firefox: Tools > Options > Content