Insider Threat Program - Professional Certification
About
The Insider Threat Program Professional course develops the practical skills, confidence, and judgement required to operate a modern insider threat capability. Participants learn how to identify insider risks, recognise behavioural and technical indicators, run core workflows, and make defensible decisions in high‐stakes environments.
Across 3.5 days, the course blends structured instruction, case studies, scenario-based labs, and a capstone simulation to ensure participants build true operational competence.
The program is aligned with internationally recognised practices, including the SEI Common Sense Guide to Mitigating Insider Threats, giving learners an evidence-based foundation for professional practice.
Enrolment includes complimentary access to the Insider Threat Foundation course, ensuring all participants begin with a unified baseline of knowledge before entering professional-level training.
Objectives
After completing this course, participants will be able to:
Operate with Professional Confidence:
- Understand how mature insider threat programs are structured and governed.
- Apply ethical, privacy, and lawful monitoring principles.
- Navigate professional responsibilities and decision-making boundaries.
- Collaborate effectively across HR, Legal, IT, Security, Compliance, and IR.
Detect and Interpret Insider Threat Signals:
- Recognise behavioural and technical indicators of insider risk.
- Understand visibility models, telemetry sources, and foundational UEBA concepts.
- Apply SEI mitigation practices to guide decisions and reduce risk.
Run Core Insider Threat Workflows:
- Conduct intake, triage, investigation, and escalation with rigor.
- Manage evidence handling and documentation requirements.
- Support workforce awareness and manager enablement initiatives.
Topics Covered
Pre‑Work:
- Insider Threat Foundation course (included)
- Discovery & Alignment Survey
- 60–minute instructor consultation
- SEI Common Sense Guide – core reference
Day 1 – Mandate, Governance & Ethical Foundations:
- Anatomy of a mature insider threat program
- Professional mandate, authority, and responsibilities
- Governance structures and cross‑functional alignment
- Privacy, lawful monitoring, and ethical considerations
- SEI: governance, policies, asset prioritisation, organisational culture
Day 2 – Workflows, Investigations & Decision Rights:
- Intake → triage → investigation → escalation workflows
- Evidence handling, documentation, and chain of custody
- Defensible decision‑making under uncertainty
- Cross‑functional operations with HR, Legal, IR, Security, IT
- SEI: access control, HR integration, contractor management, behavioural oversight
Day 3 – Detection, Behavioural Signals & Workforce Enablement:
- Behavioural and technical indicators of insider risk
- Telemetry prioritisation and visibility model design
- UEBA fundamentals and analytic reasoning
- Reporting culture, manager enablement, and awareness
- SEI: detection, anomaly identification, training, communication
Day 4 AM – Capstone Simulation:
- Full end‑to‑end insider threat case scenario
- Ethical and governance decision points
- Triage and investigative reasoning
- Behavioural and technical analysis
- Escalation and stakeholder coordination
- Executive communication and justification
This simulation reinforces professional judgement and operational readiness.
Benefits
- Insider Threat Foundation course (free with enrolment)
- SEI Common Sense Guide
- Professional mandate templates
- Workflow, triage, escalation & evidence handling guides
- Behavioural and technical indicator reference sheets
- Awareness & manager engagement frameworks
- Tabletop exercise design kit
- Professional Competency Checklist
Who Should Attend
- Security, Cybersecurity, and Risk Management
- HR, Legal, IT, Compliance, and Incident Response
- Fraud, Governance, Behavioural Risk, and People & Culture
- Anyone progressing toward the Insider Threat Program Expert certification
Prerequisite
No pre-requisite.
Includes FREE access to the Insider Threat Foundation Course.
Course Length
- 3.5‐day instructor‐led program(onsite)
- Blended delivery: instruction, scenarios, labs, case studies, capstone
- Pre‐work and consultation included
- Assessment via participation, labs, and capstone simulation