Cybersecurity Leadership Certification

Enrollment is now closed! Join our waitlist for the next enrollment in Q2.

Proofpoint Certified Insider Threat Specialist

DLP Badge

Fridays on March 10th, 17th & 24th | 10-11 am PT | 1-2 pm ET

Remote work, cloud adoption, and employee turnover have created challenges for organizations trying to protect their most strategic and sensitive data. Over the past two years, insider-led incidents have increased by 44%.1 Insiders may be careless, malicious, or compromised. So how can you better manage insider threats to help your organization minimize brand and financial damage? 

Join our Certified Insider Threat Specialist program to learn common insider threat scenarios, effective approaches for detecting and managing these threats, and how to build a successful Insider Threat Management Program.     

Becoming certified is easy. Just register and attend the three 1-hour courses listed below, pass the exam at the end of each course, and earn your certification! 

1Ponemon Institute. “2022 Cost of Insider Threats Global Report.” 2022. 

*This track is intended for all levels of cybersecurity administration roles. These are NOT technical training sessions. For product or solution-specific education, please visit our web-based accreditation and instructor-led technical coursesAll courses are eligible for CPE credits through ISC(2).


Friday, March 10th

10 am PT | 1pm ET

Getting Started with Insider Threats

Friday, March 17th

10 am PT | 1 pm ET

Building a Successful Insider Threat Management Program - and Pitfalls to Avoid

Friday, March 24th

10 am PT | 1pm ET

A Day in the Life of an Insider Threat Analyst

Course 1

Getting Started with Insider Threats

Remote work, cloud adoption, and employee turnover are creating risks of data loss and insider threats. According to the 2022 Ponemon Cost of Insider Threat Report, insider-led incidents have increased 44% over the past two years, making it imperative for organizations to be aware of the potential for insider threats and have a strategy to address them.    

In this session, our instructors will provide a foundational overview of insider threats. Join us for the first course as we discuss: 

  • What are insider threats and how they differ from insider risk  
  • The three types of insider threats 
  • Key approaches to detecting and managing insider threats 
  • How Insider Threat Management (ITM) and DLP are converging 
  • The definition of an Insider Threat Management program 

Enroll Now

Course 2

Building a Successful Insider Threat Management Program - and Pitfalls to Avoid

Insider Threat Management (ITM) takes a holistic focus on managing the risks that insiders pose to your organization’s assets, systems, and data. A successful ITM program goes beyond the Security team to include HR, Legal, and Compliance. All must work together toward a common goal: protecting data and decreasing risk to the business. A well-run ITM program must include people, process, and technology.  

Join us for the second course to learn: 

  • How to build an Insider Threat Management Program 
  • Approaches for balancing security and privacy 
  • Tools used to manage insider threats and required capabilities 
  • How to measure success 

Enroll Now

Course 3

A Day in the Life of an Insider Threat Analyst

Insider threats are on the rise. However, not all threats are created equal. Insider use cases range from careless users to departing employees to credential theft – each requiring a different response. Security teams need to correlate alerts and manage investigations quickly and efficiently to minimize business damage – both within and outside of Security.

Join us for the third and last course to hear first-hand about the day in the life of an insider threat analyst from two Insider Threat Program Managers. You will learn about: 

  • Use cases - insider threat indicators, context, and common responses 
  • Benefits of proactive threat hunting 
  • Controls for escalation and oversight 
  • How to streamline investigations with HR, Legal, and Compliance 
  • Insider threat as part of the broader security ecosystem 

Enroll Now


There are some questions:
  • What email should I use to register?

    Keep in mind that in order to be able to take the exams, you must use a business email. Please do not register with a personal email such as those with the domain “gmail” or “yahoo.” 

    Please consistently use the same email you registered with throughout the program to ensure the accuracy of tracking your attendance towards getting certified.

  • I can't get into the live session, it says it's full.

    Please note that our live sessions have a seat limitation and will be on a first-come first-served basis. If you are unable to join the live session, you can always watch the recording on-demand to count towards your certification.

  • What if I am unable to attend one of the live sessions?

    If you are unable to attend a live session, you may watch the recording and take the exam by April 17th 2023, 5 PM PT. All live sessions will be recorded, and you may access the videos from an email that will be sent soon!

  • What is considered a passing grade for each course?

    To pass a course, you would have to attend the session either live or watch on-demand and take the exam at the end of the course. You need to score 100% on each exam to pass the course.

  • How many times can I retake the exams?

    You have unlimited attempts to take the exams to get 100% scores to pass the courses.

  • How long will the recordings and exams be available for me to access?

    You will have until April 17th 2023, 5 PM PT to access the course recordings and exams to complete your certification.

  • How long is each course?

    Each course is about 1 hour long. 

  • How much does the certification cost?

    The courses and certification is free.

  • Do I need to watch all three sessions?

    Yes. You are required to watch all three sessions (either on-demand or live) to be eligible for your certification in addition to passing all of your exams. 

  • When will I receive my exam link?

    After you have watched the session (live or on demand), you will receive an email within 1-3 business days after the live session, with the exam link.

  • I can't take my exam, it won't allow me access.

    If you are running into problems accessing the exam, here are some ways you can try to resolve the issue:

    • Please try to get the exam link whitelisted
    • Turn off your company VPN, it might be blocking the website
    • Use a personal computer to take the exam
  • I've completed the exams. How do I redeem my badge & certificate?

    We will review your submission/attendance and issue your certificate by May 5th. You will receive an email from our trusted vendor Credly ( with instructions on how to access your digital badge and certificate.

Course Instructors

Nirav Shah

Principal Product Manager, Information Protection, Proofpoint

Nirav Shah is a product management leader for Proofpoint's insider threat and DLP product line. Prior to Proofpoint, he led the SASE (Secure Access Service Edge) initiative at Forcepoint to help accelerate digital transformation of distributed enterprises. During his career, Nirav has held product management, engineering leadership, and technical roles in large networking & security companies as well as venture-backed startups. His domain experience includes areas of network & cloud security, security analytics, and MSSP deployments.

Michael Gordover

Proofpoint, Principal Solutions Architect, CISSP, CISM, ITPM

Michael Gordover is an accomplished Principal Enterprise Security Architect, with a focus on threat protection and data loss prevention. Bringing a decade of experience, he is a certified CISSP, CISM, and ITPM, having worked on some of the most complex and high-profile accounts in the industry. Michael is an advocate for customers, passionate about mentoring team members and solving the toughest security challenges.

Josh Linkenhoker

Field Security Architect

Josh Linkenhoker is an experienced enterprise Information Security leader having held multiple director roles focusing on Information Security, Cloud Security, and Email Security. Josh has worked with dozens of enterprises as an individual consultant and is focused around successful program building in the Information Protection and Insider Threat Management spaces.