This course defines insider threat, examines relevant laws and regulations, and explores motivations and indicators of insider threat agents. The course looks at information sources that support investigations, such as system and network logs, detection tools, public records, and agency checks, and also covers tools used to analyze and evaluate information. Acquiring competency in the analytical process enables practitioners to identify probable cyber insider threat actors and develop strategies to mitigate or exploit the threat activity.
Assess potential cyber insider threat activity
Appraise collected data to differentiate relevant information from false positives
Assess data to identify cyber insider threat activity
The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.