Steve Young - Fotolia

Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

What is the best way to prepare for the ITPM certification?

The ITPM certification can help security managers bolster insider threat programs. Here's what the certification involves and how to best prepare for it.

Carnegie Mellon University introduced the Insider Threat Program Manager (ITPM) certification. Since insider threats are an increasing issue for enterprise security, I'd like to achieve the ITPM certification. What are some good ways to prepare for it?

The ITPM certificate program, sponsored by the CERT program from Carnegie Mellon University, was developed to satisfy the requirements of President Obama's Executive Order 13587. It assists insider threat program managers who are developing a formal insider threat program. The certificate covers areas such as insider threat planning, identification of internal and external stakeholders, components of an insider threat program, insider threat team development, strategies for effective communication of the program and how to effectively implement and operate the program within the organization.

The ITPM certification is comprised of four components:

  1. Insider Threat Overview: Preventing, Detecting and Responding to Insider Threats (E-Learning -- 5-hour course - $350)
  2. Building an Insider Threat Program (E-Learning -- 7-hour course - $500)
  3. Insider Threat Program Implementation and Operation (Classroom -- 3.5-day course - $2,650 for U.S. Industry)
  4. Insider Threat Program Manager Certificate Exam (Online Exam - $250)

There are no pre-requisites for components 1 and 2; component 3 requires taking component 1 and 2; the exam requires completion of components 1, 2 and 3. Materials vary by component but are available in video form from the CERT Insider Threat Center, downloadable course presentation slides and self-assessments. The classroom component is made up of lectures, group exercises, course notebooks, case studies and a CD containing course and supplemental materials.

Applicants have one year to complete each certificate component. Upon completing all certificate components, the applicant is awarded an electronic certificate of completion.

CERT recommends that Insider Threat Program Team Members and Insider Threat Program Managers should attend. However, given the topics covered, this exam would benefit CISOs, information security managers, engineers and architects. ITPM is open to U.S. government, academia, U.S. industry and international learners.

The ITPM is a certificate for managers. Insider Threat Program Manager objectives vary by component, but below are objectives that provide a representation of the overall ITPM certificate program:

  • Cover components of an insider threat program.
  • Cover requirements for a formal program.
  • Facilitate organization-wide participation.
  • Define an insider and the threats one imposes to critical assets.
  • Recognize the difference between malicious and unintentional insider threats.
  • Recognize the most common types of insider threats.
  • Determine the infrastructure needed to support the insider threat program operations.
  • Identify the type of governance and management support needed to sustain a formal insider threat program.

Since the course material is not available until the user registers for the components there aren't any advanced materials or books from CERT to help you prepare for the program. It's a good idea to review the ITPM component topics and objectives, and focus on related topics from other materials. Most publicly available material can help, but remember that the Insider Threat Program Manager certification is centered on internal threats.

The ITPM certificate seeks to bolster insider threat programs for government and industry. It is intended for federal insider threat programs but there's a lot of interest from industry, so it will likely continue to gain ground across the threat intelligence community.

Ask the Expert:
Have questions about enterprise security? Send them via email today. (All questions are anonymous.)

Next Steps

Learn the benefits of the ITPM certification and how to apply insider threat detection during the hiring process. Plus check out why insider threat prevention may require enterprises to spend more.

This was last published in December 2015

Dig Deeper on Security industry certifications