INTRODUCTION
This course is designed for the next generation of insider threat specialists introducing complex systems thinking and human behaviour science to insider threat risk assessment and mitigation. Participants leave the course clear-eyed that an organization's culture and workplace environment have and hugely significant affect (psych: emotions) on insider behaviour and with awareness and tools for more effectively identifying and mitigating conditions which contribute to insider threats.
Topics covered in this course include:
Target Audience
The risk managers, prevention/detection, and harm reduction specialists engaged by critical infrastructure to identify and mitigate insider threats; and threats posed from the outside from dependency on identification and other types of documents to make security and business decisions.
Learning Objectives
By the end of this course, participants will be able to:
Activities and Exercises: Participants are oriented to the course with a pre-course letter and pre-course survey to complete and submit for instructor review.
Day I: Identity Fraud and Personation Threats Practicum (3 hours)
"We shape our tools and then our tools shape us" - Marshall McLuhan
The course begins with applying complex systems thinking to a common security problem faced by critical infrastructure - closing the security gaps exploited by terrorists and criminal predators who fraudulently obtain government-issued identification, manufactured counterfeits with legally attributed stolen personal identifiers and stolen/loaned documents in the wrong hands. It exposes the Photo ID fallacy - that insiders can consistently associate a photo image with the presenter. Human fallibilities and behavioural insights introduced in Part 1 offer a natural segue into the larger context of insider threats (workplace sabotage, workplace violence, occupational fraud, theft and corruption) that play out in Parts II through Part VI.
Unit 1 Environmental Scan
Activities & Exercises: i) Personal introductions, brief overview, contact information, emphasis on keeping a journal; ii) summation of results of pre-course questionnaires completed by participants designed to align behind course objectives; iii) open discussion during the presentation on participant experiences and concerns on the topic; iv) Instruction on taking the Harvard Project Implicit Test ahead of Part II' and, v) Handout notes on Behavioural Biology 1 & 2 to be reviewed before Part VI
Day II: Implicit Bias (3 hours)
'" A lot of change is possible by just acknowledging unconscious bias–that exhaustively documented but unpleasant reality many would rather ignore–and listening with less bias and acting on what we then learn.” “It's not at all hard to understand a person; it's only hard to listen without bias.'"- Tara Moss
Implicit bias influences the judgement of insiders, particularly with time-sensitive sensory information that draws from long-term, emotions-laden memories. Participants will learn how to differentiate this from explicit bias (e.g. racism) and how to manage implicit bias.
Unit 2: Implicit Bias (2 hours)
Unit 3: Debiasing Techniques (1 hour)
Activities & Exercises: i) Instructor lead group discussion on participant thoughts and feelings from taking the Harvard Project Implicit Bias self-test; ii) Instructor request to journal their thoughts and feelings on how implicit bias affects judgement in their security sector, and iii) homework assignment: a) review a video: Robert Sapolsky: “You have 3 brains. This is how to use them” before Day III, and b) completion of a self-survey handout on each participant’s emotional styles created by Richard J. Davidson, Center for Health Minds (U of Wisconsin).
Day III: Intuition, Judgement and Decision-Making (3 hours)
"We think, each of us, that we’re much more rational than we are. And we think that we make our decisions because we have good reasons to make them. Even when it’s the other way around. We believe in the reasons, because we’ve already made the decision.’"– Daniel Kahneman
Participants are introduced to Emotional Intelligence and four identified emotional intelligence competencies. They will learn that; where IQ is pretty much set, emotional intelligence (SQ) can be improved on by most people. As a group, participants will discuss the results and insights from the self-test homework handed out in Part II on individual emotional styles and discuss where this may apply to insider threats and the mitigation of identity fraud at the point of service. Finally, participants are introduced to heuristic biases - cognitive shortcuts that influence their decision making.
Unit 4: Thinking Fast and Slow:
Unit 5: Heuristic Bias Impacting Security Decision-Making
Unit 6: Emotional Intelligence
Activities and Exercises: Instructor lead discussion on the insights form the Unit of emotional intelligence and applies to the security sector. about how participant see applying implicit bias, heuristic bias and science on emotional intelligence to security. can apply this observations from taking the Emotional Style self-test. Group discussion to how participants the most common heuristics biases that apply to security and insider threats Participants are encouraged to journal those identified. Reminder of Day 1 instruction to complete readings on Behavioural Biology 1 & 2
Day IV: Establishing a Baseline for Observing Behavior (3 hours)
Controlling one’s own behaviour is paramount to assessing the behaviour of others, and no more so than in multi-cultural environments. Like wolves circling a caribou herd for the kill that requires the least amount of energy and physical risk, so does the human predator’s brain approaching a point-of-service employee brain identify threats (‘risk-as-feeling’) at unconscious levels.
Unit 7: Personal Deportment at the Point-of-Contact
Activities & Exercises: Volunteer participants review their journal and general discussion to anchor concepts
Day V: Advanced Topics in Information Gathering (3 hours)
This part provided information important to overseeing the skills development of frontline employees tasked with identifying transactions and behavioural outliers that require escalation for more in-depth review. In normal conversation, people listen to what is being said and fill in the blanks when there is missing information. The need to deceive will manifest in the structure of the language used by an interviewee. Thus, in this session participants learn that point-of-service employees with screening responsibilities must listen to how things are said.
Unit 11: Introduction to Information Gathering
]Unit 12: The Information Gathering Plan
Day VI: Introduction to Biology and Prevention Science (3.5)
"If we want to make sense of our behavior - all the best, worst, and everything in between - we're not going to get anywhere if we think it can all be explained with one thing, whether it's one part of the brain, one childhood experience, one hormone, one gene, or anything." - Robert Sapolsky, Neurologist, Primatologist, Stanford University
This advanced session introduces behavioural biology and a new generation of crime prevention. Participants will come away from this session with new tools for critically thinking about the efficacy of current security mindset and practice, current regulatory standards for detecting a ruse, and insights from the science on the dynamic nature of human behaviour and insight into corporate culture and workplace environment being the most significant influencers on insider behaviour.
Unit 15: Biology (6 hours)
Unit 16: Prevention Science (2.5 hrs)
Activities & Exercises: Handout notes on Molecular/Behavioural Genetics. Video Assignment in preparation for Part VII.
Day VII Introduction to Post Industrial Age Science (6 hours)
"When you change the way you look at things, the things you look at change." - Max Planck, Theoretical Physicist
This part pushed the edges of the limitations of mathematical extrapolation (linearity) applied to business systems. Insider threat discussion is expanded to dynamic complex thinking to describe almost everything in the natural world: weather patterns, earthquakes, hurricanes, neuron patterns, the pulmonary and cardiovascular systems, the financial markets, and economic and social networks.
Unit 17: Dynamic Complex Systems Topics
Activities & Exercises: Group discussion on whether new science may be applied to security in the post-industrial, Information Age, and how to build a new generation of security from the bottom up. Participants are requested to complete the end-of-course questionnaire which will be correlated and distributed to everyone. Handout notes on Chaos, Emergence and Complexity. Three (3) hours pro-bono course access to course Instructor for consultation and clarification.
Assessment and Certification
This course is designed for the next generation of insider threat specialists introducing complex systems thinking and human behaviour science to insider threat risk assessment and mitigation. Participants leave the course clear-eyed that an organization's culture and workplace environment have and hugely significant affect (psych: emotions) on insider behaviour and with awareness and tools for more effectively identifying and mitigating conditions which contribute to insider threats.
Topics covered in this course include:
- negative emotional cues left unattended that may amplify into workplace sabotage and workplace violence;
- organization culture and workplace conditions inducing and providing cognitive rationalizations and excuses when insiders are tempted to do bad things (occupational fraud, theft, corruption);
- sustaining point-of-contact insider vigilance for detecting social engineering and identify fraud attacks from the outside, and insider resiliency to when tempted to do bad things;
- mitigating human fallibility with Photo ID to accurately associate the presenter of a Photo ID, and
- knowledge, skills and techniques for closing security gaps in our registration of births and insurers of government travel documents (e.g. passports) and identification tokens (e.g. driver’s licences)
- training for exceeding the standards of government regulators imposing diligence for detecting the ruse (e.g. money laundering and terrorist financing; attacks to consumers accounts and lines of credit).
Target Audience
The risk managers, prevention/detection, and harm reduction specialists engaged by critical infrastructure to identify and mitigate insider threats; and threats posed from the outside from dependency on identification and other types of documents to make security and business decisions.
Learning Objectives
By the end of this course, participants will be able to:
- Articulate the dynamic (nonlinear) nature of insider threats influenced by organizational culture and workplace environments
- Conduct threat risk assessments for identifying and mitigating related insider threats.
- Apply complex systems thinking to insider threat risk assessment at critical infrastructure with a new layer of security with insights from behavioural and crime prevention science.
- Adapt to fast-paced, changing environments as self-directed security learners for safeguarding critical infrastructure.
- Identify and close unattended to security gaps in government identity issuing systems and diligence requirements in Regulations when depending on identification and other types of documents to make security and business decisions (i.e. Identity Fraud; Personation; Money Laundering and Terrorist Financing).
- Apply frontline escalation of concerns protocols to creating safe workplace environments in ways that reduce client/customer feelings of bias in judgement and decision-making.
Activities and Exercises: Participants are oriented to the course with a pre-course letter and pre-course survey to complete and submit for instructor review.
Day I: Identity Fraud and Personation Threats Practicum (3 hours)
"We shape our tools and then our tools shape us" - Marshall McLuhan
The course begins with applying complex systems thinking to a common security problem faced by critical infrastructure - closing the security gaps exploited by terrorists and criminal predators who fraudulently obtain government-issued identification, manufactured counterfeits with legally attributed stolen personal identifiers and stolen/loaned documents in the wrong hands. It exposes the Photo ID fallacy - that insiders can consistently associate a photo image with the presenter. Human fallibilities and behavioural insights introduced in Part 1 offer a natural segue into the larger context of insider threats (workplace sabotage, workplace violence, occupational fraud, theft and corruption) that play out in Parts II through Part VI.
Unit 1 Environmental Scan
- Types of identification and their strengths and weaknesses.
- Case studies
- History of legislative responses to identity fraud and personation
- Group exercises on identifying gaps in current policies.
Activities & Exercises: i) Personal introductions, brief overview, contact information, emphasis on keeping a journal; ii) summation of results of pre-course questionnaires completed by participants designed to align behind course objectives; iii) open discussion during the presentation on participant experiences and concerns on the topic; iv) Instruction on taking the Harvard Project Implicit Test ahead of Part II' and, v) Handout notes on Behavioural Biology 1 & 2 to be reviewed before Part VI
Day II: Implicit Bias (3 hours)
'" A lot of change is possible by just acknowledging unconscious bias–that exhaustively documented but unpleasant reality many would rather ignore–and listening with less bias and acting on what we then learn.” “It's not at all hard to understand a person; it's only hard to listen without bias.'"- Tara Moss
Implicit bias influences the judgement of insiders, particularly with time-sensitive sensory information that draws from long-term, emotions-laden memories. Participants will learn how to differentiate this from explicit bias (e.g. racism) and how to manage implicit bias.
Unit 2: Implicit Bias (2 hours)
- Defining implicit bias
- Origin of implicit bias
- Real-world consequences
- Countermeasures
Unit 3: Debiasing Techniques (1 hour)
- Identifying personal biases
- Team identification of and mitigation of workplace biases
Activities & Exercises: i) Instructor lead group discussion on participant thoughts and feelings from taking the Harvard Project Implicit Bias self-test; ii) Instructor request to journal their thoughts and feelings on how implicit bias affects judgement in their security sector, and iii) homework assignment: a) review a video: Robert Sapolsky: “You have 3 brains. This is how to use them” before Day III, and b) completion of a self-survey handout on each participant’s emotional styles created by Richard J. Davidson, Center for Health Minds (U of Wisconsin).
Day III: Intuition, Judgement and Decision-Making (3 hours)
"We think, each of us, that we’re much more rational than we are. And we think that we make our decisions because we have good reasons to make them. Even when it’s the other way around. We believe in the reasons, because we’ve already made the decision.’"– Daniel Kahneman
Participants are introduced to Emotional Intelligence and four identified emotional intelligence competencies. They will learn that; where IQ is pretty much set, emotional intelligence (SQ) can be improved on by most people. As a group, participants will discuss the results and insights from the self-test homework handed out in Part II on individual emotional styles and discuss where this may apply to insider threats and the mitigation of identity fraud at the point of service. Finally, participants are introduced to heuristic biases - cognitive shortcuts that influence their decision making.
Unit 4: Thinking Fast and Slow:
- Introduction to the brain’s cognitive and more ancient sensory information processing systems
- How do these two systems influence each other and under what conditions
Unit 5: Heuristic Bias Impacting Security Decision-Making
- Mental shortcuts in decision making.
Unit 6: Emotional Intelligence
- Discussion on Richard Wilson’s (U of Wisconsin) self-tests on Emotional Styles
- Four Branches of Measurable Emotional Intelligence
- Improving EI with Mindfulness Training
Activities and Exercises: Instructor lead discussion on the insights form the Unit of emotional intelligence and applies to the security sector. about how participant see applying implicit bias, heuristic bias and science on emotional intelligence to security. can apply this observations from taking the Emotional Style self-test. Group discussion to how participants the most common heuristics biases that apply to security and insider threats Participants are encouraged to journal those identified. Reminder of Day 1 instruction to complete readings on Behavioural Biology 1 & 2
Day IV: Establishing a Baseline for Observing Behavior (3 hours)
Controlling one’s own behaviour is paramount to assessing the behaviour of others, and no more so than in multi-cultural environments. Like wolves circling a caribou herd for the kill that requires the least amount of energy and physical risk, so does the human predator’s brain approaching a point-of-service employee brain identify threats (‘risk-as-feeling’) at unconscious levels.
Unit 7: Personal Deportment at the Point-of-Contact
- Why it is important to establish a baseline for observing human behaviour.
- Techniques for messaging vigilance at the points of contact increase stress in dishonest people.
- The role of beliefs in deliberate/effortful information processing
- The importance of starting with total belief in the information-gathering process.
- Techniques for using eye contact to detect deception.
Activities & Exercises: Volunteer participants review their journal and general discussion to anchor concepts
Day V: Advanced Topics in Information Gathering (3 hours)
This part provided information important to overseeing the skills development of frontline employees tasked with identifying transactions and behavioural outliers that require escalation for more in-depth review. In normal conversation, people listen to what is being said and fill in the blanks when there is missing information. The need to deceive will manifest in the structure of the language used by an interviewee. Thus, in this session participants learn that point-of-service employees with screening responsibilities must listen to how things are said.
Unit 11: Introduction to Information Gathering
- Pure version (‘in the words of”) information-gathering techniques.
]Unit 12: The Information Gathering Plan
- Developing a standard information-gathering plan.
- General rules for effective information gathering.
- Techniques for addressing ambiguity, deflection and resistance
Day VI: Introduction to Biology and Prevention Science (3.5)
"If we want to make sense of our behavior - all the best, worst, and everything in between - we're not going to get anywhere if we think it can all be explained with one thing, whether it's one part of the brain, one childhood experience, one hormone, one gene, or anything." - Robert Sapolsky, Neurologist, Primatologist, Stanford University
This advanced session introduces behavioural biology and a new generation of crime prevention. Participants will come away from this session with new tools for critically thinking about the efficacy of current security mindset and practice, current regulatory standards for detecting a ruse, and insights from the science on the dynamic nature of human behaviour and insight into corporate culture and workplace environment being the most significant influencers on insider behaviour.
Unit 15: Biology (6 hours)
- Behavioural Evolution 1&2
- Molecular Genetics
- Behavioural Genetics
Unit 16: Prevention Science (2.5 hrs)
- Biology of Aggression
- Social Ecology of Crime
Activities & Exercises: Handout notes on Molecular/Behavioural Genetics. Video Assignment in preparation for Part VII.
Day VII Introduction to Post Industrial Age Science (6 hours)
"When you change the way you look at things, the things you look at change." - Max Planck, Theoretical Physicist
This part pushed the edges of the limitations of mathematical extrapolation (linearity) applied to business systems. Insider threat discussion is expanded to dynamic complex thinking to describe almost everything in the natural world: weather patterns, earthquakes, hurricanes, neuron patterns, the pulmonary and cardiovascular systems, the financial markets, and economic and social networks.
Unit 17: Dynamic Complex Systems Topics
- Chaos
- Emergence
- Complexity
Activities & Exercises: Group discussion on whether new science may be applied to security in the post-industrial, Information Age, and how to build a new generation of security from the bottom up. Participants are requested to complete the end-of-course questionnaire which will be correlated and distributed to everyone. Handout notes on Chaos, Emergence and Complexity. Three (3) hours pro-bono course access to course Instructor for consultation and clarification.
Assessment and Certification
- Participation and engagement in completing assignments, participating in discussions and journaling (30%)
- Quizzes at the end of each session (70%)
- Upon passing grades in session tests and individual interviews, participants will receive certification on Insider Threats: An Integrated Approach.
Course Price:
- $3,500 per participant / 4 participants minimum $16,000
Clientele
Critical Infrastructure: Defined as processes, systems, facilities, technologies, networks, assets and services that are essential to the health, safety, security or economic well-being of
Critical Infrastructure: Defined as processes, systems, facilities, technologies, networks, assets and services that are essential to the health, safety, security or economic well-being of
About the Instructor
John Lyons' professional development began in policing over 28 years. With multiple years of uniform and criminal investigations experience, he was assigned to the RCMP Federal Policing Branch, then Interpol Ottawa National Central Bureau. He finished out this career in the national training office, were he co-established the International Police Training Assistance Program and transferred training know how to Central Europe and Southeast Asia on intelligence analysis and money laundering. Post policing he joined the Insurance Crime Prevention Bureau of Canada (Toronto) conducting fraud investigations requested by insurance companies and independent adjusters. He spent thirteen years (Kingston) consulting on threats posed to health care card registration systems and preventing insider threats posed by trusted diagnosing and billing agents. John now applies this experience and continuing research for incorporating insights from science into conventional security and insider threat practice at critical infrastructure.
John Lyons' professional development began in policing over 28 years. With multiple years of uniform and criminal investigations experience, he was assigned to the RCMP Federal Policing Branch, then Interpol Ottawa National Central Bureau. He finished out this career in the national training office, were he co-established the International Police Training Assistance Program and transferred training know how to Central Europe and Southeast Asia on intelligence analysis and money laundering. Post policing he joined the Insurance Crime Prevention Bureau of Canada (Toronto) conducting fraud investigations requested by insurance companies and independent adjusters. He spent thirteen years (Kingston) consulting on threats posed to health care card registration systems and preventing insider threats posed by trusted diagnosing and billing agents. John now applies this experience and continuing research for incorporating insights from science into conventional security and insider threat practice at critical infrastructure.
For more details on the course and grants contact:
Matt Rakowski
Kestrel Partners Group
[email protected]
Matt Rakowski
Kestrel Partners Group
[email protected]