top of page

Our Initiatives

Certificats in Insider Risk Awareness
Virtual Meeting
download_edited.png
Students Typing at Their Computers

12 ASIS Continuing Professional Education (CPE) Credits - Aligns with ASIS Certified Protection Professional (CPP), Physical Security Professional (PSP), and Associate Protection Professional (APP) certification programs

This course is instructed online and focused on screening and risk factors (12 learning hours over two days).  Learning objectives include:

•Broadened understanding of insider threat with an emphasis on the security screening process,

•Heightened ability to recognize (i.e., red flags), detect and defend against insider risks within organizations, 

 

•Introduction to motives or personal situations that may increase an employee’s likelihood to act out against an employer, 

 

•Practical knowledge of a risk factor framework used to recognize behaviours indicating potential employee concern and management of residual risks, 

 

•Awareness of continuous assurance (i.e., aftercare) measures that can be used with current employees, as well as considerations upon an employee departing an organization, and,

 

•Understanding of personal social media presence and related company strategies.

Picture5.jpg

Featured Instructor

Mr. Brian Thompson

Brian is the CInRM CoE Chief Learning Officer and has over 40 years of experience in the Canadian Armed Forces, Department of National Defence, and the Royal Canadian Mounted Police. 

 

Over the past several years, he has conducted risk-based security screening and insider risk training, as well as advised and consulted on various personnel security files.  He holds an M.A. degree in personality psychology from the University of Manitoba and is certified as an Insider Threat Program Manager and Vulnerability Assessor from Carnegie Mellon University.

Screenshot 2023-02-17 060306.png

SAMPLE

image.png

SAMPLE

*Professional Certificate obtained when Foundations for Screening and Risk Factors, Investigations, Organizational Integration, and Open Source Research and Intelligence practical certificates are completed.

What Participants Say

The presentation was great! Brian Thompson is very knowledgeable
Virtual Meeting
download_edited.png
Adult Students

12 ASIS Continuing Professional Education (CPE) Credits - Aligns with ASIS Certified Protection Professional (CPP), Associate Protection Professional (APP), and Professional Certificate Investigator (PCI) certification programs

This course is instructed online and focused on investigations (12 learning hours over two days).  Learning objectives include:

• Understanding of the present threat environment and different insider threat types,


• Investigations preparation and understanding of behavioural indicators,


• Detailed components of the investigative process, including identifying the investigative issue and establishing the scope of the investigation, gathering data, analysis, and response as part of overall risk management, and reporting,


• Considerations on when to report to the police of jurisdiction, as well as when to take legal actions, and,


• Proactive measures.

20240419_143815_edited.jpg

Featured Instructor

Mr. Denis Desnoyers

Denis is an Associate Instructor and retired Superintendent with over 35 years of experience in the Royal Canadian Mounted Police (RCMP).

In Denis' career with the RCMP he held the following notable positions: 

  • Officer in Charge of Sensitive and International Investigations; 

  • Contingent Commander, Haiti;

  • Senior Investigator Elections Canada;

  • Officer in Charge Ottawa Detachment;

  • Officer in Charge Integrated Market Enforcement Operations;

  • Senior Police Advisor Afghanistan;

  • Divisional Intelligence Officer;

  • Detective Inspector Commercial Crime;

His academic background includes Carleton University (Criminology), University of Waterloo (Accounting and Related Services), and Algonquin College of Applied Arts and Technology (Criminal Justice/Police Science.

image (1).png

SAMPLE

image.png

SAMPLE

*Professional Certificate obtained when Foundations for Screening and Risk Factors, Investigations, Organizational Integration, and Open Source Research and Intelligence practical certificates are completed.

Advanced Certificate - Investigators

What Participants Say

This is good, simple and pertinent.
Team meeting
download_edited.png
Team meeting

12 ASIS Continuing Professional Education (CPE) Credits – Aligns with ASIS Certified Protection Professional (CPP), Physical Security Professional (PSP), and Associate Protection Professional (APP) certification programs

This course is instructed online and focused on organizational integration (12 learning hours over two days).  Learning objectives include:

•Broadened understanding of insider risk from a practical, organizational and operational perspective,


•Deeper appreciation for the cultural, fiscal, organizational and operational barriers to insider risk discussions,


•Broadened awareness of strategic and operational partners that can become allies in developing an insider risk program,


•Skillsets to communicate insider risk to different corporate and client audiences, and,


•Strategy development to ensure the long-term success of a nascent insider risk program.

VIA-Paul - 1 (1).jpg

Featured Instructor

Mr. Paul Huston

Mr. Huston has been engaged for over 30 years in the fields of security, business continuity and risk management. After serving domestically and overseas with the Canadian Security Intelligence Service (CSIS) and British Security Service (MI5), Mr. Huston went on to lead corporate security and business continuity programs within VIA Rail, Lowes / RONA, and BGIS (as Global CSO). He has taught and presented to the Federal Bureau of Investigation (FBI), CSIS, the International Civil Aviation Organization (ICAO), and ASIS International – as well as other industry and security organizations.
 

In addition to his corporate work, Mr. Huston has partnered with key charities and international aid organizations to build and tailor insider risk programs to their unique work requirements.

*Professional Certificate obtained when Foundations for Screening and Risk Factors, Investigations, Organizational Integration, and Open Source Research and Intelligence practical certificates are completed.

Organizational Integration
Virtual Meeting
download_edited.png
Laptop Writing

12 ASIS Continuing Professional Education (CPE) Credits - Aligns with ASIS Certified Protection Professional (CPP), Associate Protection Professional (APP), and Professional Certificate Investigator (PCI) certification programs

This course is instructed online and focused on open source research and intelligence (12 learning hours over two days).  Learning objectives include:

•Gain a comprehensive understanding of the personal risks associated with social media presence,


• Discover how OSINT methodologies and intelligence techniques can be implemented by organizations to safeguard against insider threats and strengthen risk management practices,


•Apply OSINT techniques to gather publicly available data that aids in behavioral monitoring and early warning detection,


•Explore how OSINT can identify potential risks during security clearances and support administrative investigations, and,


•Understand how OSINT and related intelligence processes contribute to assessing the scope and impact of insider threats and incidents.

dan_edited.jpg

Featured Instructor

Mr. Daniel Bertrand

Mr. Bertrand retired from public service with over 35 years of experience in law enforcement and federal investigations, including service as an Officer of the Royal Canadian Mounted Police (RCMP). Throughout his career, he specialized in organized crime and national security with a strong emphasis on intelligence and technical expertise. Mr. Bertrand led numerous intelligence teams, including the foundational Open Source Intelligence Section within the RCMP National Security Program.
 

His extensive service includes assignments across Canada, in the United States, and internationally with the United Nations as part of a peacekeeping mission in Haiti. With a background in computer forensics, Mr. Bertrand continues to expand his expertise, now focusing on the integration of artificial intelligence applications into intelligence and security practices.

*Professional Certificate obtained when Foundations for Screening and Risk Factors, Investigations, Organizational Integration, and Open Source Research and Intelligence practical certificates are completed.

Open Source Research and Intelligence
INAF 5469
Students

Course Testimonials

Honestly, can't think of one bad thing to say about this class.  Prof. Munro was amazing, as were the guest speakers

Really helps understanding real-life applications of insider threat in the private sector

Thanks so much for an excellent course!

Great to hear from practitioners in the field

Really enjoyed the practical, real world examples from various industries!

Students

International Affairs (INAF) 5469 R - Insider Risk, Threat, and Mitigation

The objective of this seminar is to introduce students to the concept of malicious insider threats, defined as “a current or former employee, contractor, or business partner…negatively affecting the confidentiality, integrity, availability”  of an organization’s assets including its workforce, along with risk management theory and industry standards to control for—and mitigate—threats.  

 

It will contextualize insider threat as a subset of defensive counter-intelligence, within the broader intelligence studies literature.  This seminar will trace the historical development of counter-intelligence practices in Western nation-state governments in the mid-20th century to the present, as well as contemporary insider threat programs that began appearing in the public and private sectors in the late 1970s, through various case studies of notable compromises.  

 

It will examine insider threat typology primarily under capability-motivation (money, ideology, compromise, ego—MICE)-opportunity (CMO) and pathway to harm theoretical frameworks and consider present-day security risk policy formulation and industry mitigation control standards against threat-type, ethical and privacy considerations, and consider macro-environmental factors that may serve as “triggers” for future potential threats.  

 

The present state of academic and industry research on insider threat, quantitative and qualitative streams, will be reviewed.

 

 

On completion of the seminar, students will have a broad and comprehensive understanding of insider risk, the ability to reflect critically on insider threat-related research, and industry mitigation practices.  

 

Finally, students will also have gained practical experience on developing and delivering outputs that are expected by the industry at large from practitioners in this field.

Picture4.jpg

Sessional Lecturer

Mr. Victor Munro

Victor is the CInRM CoE Executive Director and an experienced cyber strategy, security and insider risk, and threat intelligence consultant with 20 years of experience in Canadian federal government security and intelligence, public finance critical infrastructure, and private global multi-national IT services sectors.  He has helped organizations implement insider threat, cloud security, and incident management strategies and programs to manage risk and enhance organizational resiliency.

*Must be a graduate student presently enrolled in Carleton University, Norman Paterson School of International Affairs.  May not be offered every academic term - to confirm, consult Carleton University's Registrar's Office, and refer to the INAF subject.

Abstract Lines

National Pilot Initiative - Operational Information Exchange (OIE)

*Participation is permissible under specific criteria*

This is an initiative to enhance partnerships with Canadian entities and allow the C-InRM CoE to foster a centralized initiative to promote the sharing of information regarding:

  • Insider risk management (InRM) program implementation and best practices;

  • General situational awareness of the insider threat environment in Canada; and,

  • Promote best practices in Canadian InRM.

 

Please contact us for more details if your organization is interested in joining.

Picture1.jpg

Lead Facilitator

Ms. Lina Tsakiris

Ms. Tsakiris is a Director of a Global Insider Risk Management Program for a multinational IT infrastructure and business consulting provider. She is responsible for the implementation and oversight of a future forward Insider Risk Management program and capability that aligns to organizational culture and is effective in its risk mitigation controls.

Ms. Tsakiris has almost three decades of global security management experience and has held various senior leadership roles where she has led and supported large teams in global security operations, employee & executive protection, security threat assessments, major incident management, physical security technology, robbery prevention and insider threat management. She is a strong visionary and builder of things aimed at transforming, disrupting and creating digital forward capabilities to enable new ways of working, while effectively managing security risks. 

Ms. Tsakiris serves as a Senior Fellow at Carleton University’s Infrastructure Protection and International Security Program and is a Co-Chair of the Canadian Insider Risk Management Centre of Excellence.  She is also an executive volunteer with several professional associations including the Executive Committee for the ASIS International Professional Certification Board; ASIS Women in Security (SC Emeritus).
 

OIE
Inside Threa Monitoring Theory
Connecting Dots

Rigorous research on insider threat mitigation based on real case studies with moderate to large sample sizes are not generally available for research--none exist in Canada.

In Canadian organizations, which monitoring controls are the most important, and what sources of data have been crucial to earlier detection, resulting in an organization not being attacked, or limiting injury from insider threat attacks?

Picture4.jpg

Lead Researcher

Mr. Victor Munro

Victor is the CInRM CoE Executive Director and an experienced cyber strategy, security and insider risk, and threat intelligence consultant with 20 years of experience in Canadian federal government security and intelligence, public finance critical infrastructure, and private global multi-national IT services sectors.  He has helped organizations implement insider threat, cloud security, and incident management strategies and programs to manage risk and enhance organizational resiliency.

*To learn more, contact Victor

CITD
Wavy Circles

National Pilot Initiative - Canadian Insider Threat Dataset (CITD)

*Phase 1 industry consultations are complete. If your organization would like join a Phase 2 industry proof-of-concept pilot, please inquire by December 31, 2024.*

A Taskforce has been established to discuss and establish the parameters for a secure, centralized, intake portal for anonymized incident reporting, and share aggregate details to a closed research community of academic, private, and public partners.  Outcomes include:

  • Collaboration to define an incident attribute taxonomy for reporting insider threat attacks;

  • Production of an aggregate real incident dataset for research, policy and program building, and mitigation purposes; and,

  • Pilot the governance, policies, and operations of the CITD initiative.

 

A White Paper has now been published, detailing the aggregate findings and recommendations of the Taskforce.

Abstract Lines

Call for Graduate Student Papers on Insider Risk Management: 2024-2025 Academic Year

The Canadian Insider Risk Management Centre of Excellence is proud to announce a National Call for graduate student papers on topics directly related to insider risk management.  This is an exciting opportunity for students to showcase their research, contribute to the field, and gain recognition among industry leaders and practitioners.

Eligibility

Who Can Apply: Graduate students enrolled in an accredited Canadian university.

 

Submission Requirement: Papers must be written during the current academic year as part of course requirements. (September 2024 – April 2025).

Focus: Papers must explicitly address an insider risk management topic.

 

Awards and Recognition

We thank all students for their interest and submissions.  Please note that only the top three finalists will be contacted to advance in the selection process.

1st Place: Excellence Award Certificate of Achievement + $1,500 CAD Research Award, including option to display a research poster at the 2025 Insider Risk Management Security Partnerships Summit in Toronto, Ontario (date to be determined).

2x Runner-Up: Industry Award Certificate of Achievement + $750 CAD each research award, including option to display a research poster at the 2025 Insider Risk Management Security Partnerships Summit.

Submission Deadline: April 30, 2025

Submissions should be emailed to: CanadianInsiderRiskManagementCOE@carleton.ca

To view our 2024 award recipients research papers, please go to our library, to see:

 

-Protecting Canada Against Harm from Foes: Navigating Insider Economic-Based Threats to National Security in Critical Infrastructure with Bill C-26 (2024 Excellence Award recipient)

 

-#MeToo, Misconduct, and the Military: Identifying sexual violence as an insider threat (2024 Industry Award recipient)

 

-Securing Australia’s Research: Strategies and Priorities (2024 Industry Award Recipient)

 

Don't miss this chance to have your work recognized on a national stage!  We look forward to receiving your submissions and celebrating the next generation of thought leaders in insider risk management.

Graduate Student Award
Business Meeting

If you require a centralized insider risk management partner to assist you...

A man looking at a computer screen

...on research, training, or joining a national community of practice, reach out today to the CInRM CoE

bottom of page