Tracy Cassidy from the CERT Team at Carnegie Mellon University will be holding a lecture on Insider Threats on Wednesday, March 20th from 4:30 – 5:30 pm in the Wheatley Atrium. This is a Top Secret Colonials sponsored event. Students will receive one (1) hour of SET credit for attending. Pizza and drinks will be provided. Please read below for information on Tracy Cassidy.
Tracy Cassidy is an Insider Threat Researcher at the CERT Insider Threat Center, part of the Software Engineering Institute (FFRDC) at Carnegie Mellon University. Her work at CERT Insider Threat Center has focused on researching behavioral and socio-technical factors surrounding a variety of insider threats such as espionage, fraud, information technology sabotage, theft of intellectual property, workplace violence and terrorism. Prior to becoming a researcher, Cassidy was a practicing clinical psychotherapist. As a psychotherapist, she focused on clients with criminal backgrounds, substance abuse problems, and severe mental health issues. She was a long time contracted Federal Services Program Director for the U.S. Department of Justice’s Bureau of Prisons and U.S. Federal Probation and Pretrial Services which provided mental health and substance abuse services for hundreds of clients entering or exiting the federal criminal justice system in Northern California, Hawaii, and Guam. During her work at CERT, she has been continually looking at ways to bridge the technical-behavioral gap in addressing insider threat and cybersecurity challenges. Tracy has her B.A. in Psychology and her M.A. in Clinical Psychology. Cassidy is an active member of InfraGard as well as the Association of Threat Assessment Professionals (ATAP) community where she sits on the DC Chapter board and is the local Chapter Development Chair. She is one of the original founders of BSides Pittsburgh.
Organizations across all industry and government sectors face risks from insider threats. Insiders can use their authorized access to systems, facilities, and information to either maliciously or unintentionally harm their organization and this threat may not stop when the employee leaves the organization. Technology has made it easier to exfiltrate proprietary, sensitive, or classified information as seen in many recent cases. During this presentation, Tracy will discuss the types of insider threats, case examples, and the potential risk indicators that might be visible to give technical and behavioral clues that the insider is on the pathway to insider risk. Insider threat mitigation is about prevention, detection and response- all topics of discussion during this presentation.