High Tech Crimes and Insider Threats
You Will Learn:
- The types of high tech crimes and how to recognize them.
- How to build policies that will allow your organization to effectively investigate suspicious activities
- How to assess risk of insider threats, and build mitigating controls.
- How to conduct a basic investigation without destroying critical evidence.
- How to work with Law Enforcement to reduce the business impact of criminal investigations.
HST.1: Introduction and Concepts
CPE/CMU Credits: 6
- Threat landscape
- All about insiders and the Threats they pose
- Warning Signs: What to look for
- Incident Response: A Policy approach
- Investigation Concepts
- Working with Law Enforcement
- Investigation Tools
HST.2: Putting it all together
CPE/CMU Credits: 6
- Incident Response Scenarios
- Detection and Mitigation Strategies
- Evidence Collection 101
- Basic Evidence Analysis
- Special issues with Insiders
Laptop not required, but strongly suggested. Supplementary materials will require a Windows based workstation or VM.
If you have additional questions about the laptop specifications, please contact firstname.lastname@example.org.
Who Should Attend
- Systems and Network Administrators
- Internal Auditors and Investigators
- Information Security Policy Professionals
- Have familiarity with basic information security concepts
- Have basic understanding of network engineering
- Have basic understanding of system administration for Windows computers.
What You Will Receive
- Downloadable forensic images containing examples of common nefarious insider activity and crime activity.
- Demo licenses for software used in the examples.
- A printed class manual
You Will Be Able To
- Help your organization define its high risk areas for insider threats .
- Design detection methods for illicit insider access.
- Build a best practices policy for incident response.
- Implement policies for working with local law enforcement resources.
- Safely and correctly collect electronic evidence.
- Perform basic analysis of electronic evidence.
- Work successfully with local law enforcement.
- Brief stakeholders on current and foreseeable threats.
*CPE/CMU credits not offered for the SelfStudy delivery method