- Premium Members Only Content - Exclusive Video -
For more than a decade, Carnegie Mellon University's CERT Insider Threat Center has studied and mapped the various risks of fraud, sabotage and theft of intellectual property. But the landscape is changing, and the latest research offers new insights on managers who commit fraud, as well as innocent employees who are exploited by external agents.
In this video interview, Dawn Cappelli and Randy Trzeciak of the insider threat center discuss:
Who typically commits insider crimes - and how;
How employees are being victimized from outside;
Why our critical infrastructure is at heightened risk.
In its research, the Insider Threat Center at Carnegie Mellon University CERT has studied hundreds of insider crimes, and it has identified three distinct patterns:
Sabotage committed by disgruntled employees who want to exact vengeance upon an organization;
Theft of intellectual property by employees who feel entitlement;
Fraud perpetrated by those who have privileged access to financial accounts.
The latest research shows that managers increasingly are involved in insider crimes, and employees often are often the unwitting tools of outsiders who use social engineering to worm their way into organizations.
Emerging technology gives criminals greater opportunity to commit insider crimes. But it also gives security organizations better tools for early detection and prevention.
In this exclusive video interview, Dawn Cappelli and Randy Trzeciak of the Carnegie Mellon CERT Insider Threat Center share their latest insights and advice on the most common insider crimes and how to detect them. They also discuss why the US critical infrastructure is at heightened risk and what can be done to ensure better protection.
Cappelli is director, insider risk management, at Rockwell Automation. She is responsible for design and execution of Rockwell's insider risk management program to deter, detect and respond to malicious insider activity across the global enterprise while protecting privacy and civil liberties of employees. Cappelli joined Rockwell from Carnegie Mellon University where she was founder and director of the CERT Insider Threat Center. She is recognized as one of the world's leaders in insider threat mitigation, and has worked with government and industry leaders on national strategy issues.
Trzeciak heads a team focusing on insider threat research, threat analysis and modeling, assessments and training. He has more than 20 years of experience in software engineering, focusing on database design, development and maintenance. In addition to his role with CERT, he is an adjunct professor at Carnegie Mellon's Heinz College, Graduate School of Information Systems and Management.