Definition, Vision and Mission
Periculum Definire Mitigareque
Insider threat involves the exploitation of privileged access, unintentionally or maliciously, to an organization's sensitive and mission critical assets, including its personnel, causing negative impact.
Insider risk management involves a holistic, enterprise-wide approach to the enhancement of detection and response controls to proactively mitigate a threat.
Founded in 2022, the Canadian Insider Risk Management Centre of Excellence (CInRM CoE) is federally incorporated under the Canada Not-for-Profit Corporations Act, as a public service body, not-for-profit entity and soliciting corporation, based at Carleton University, Norman Paterson School of International Affairs (NPSIA).
The CInRM CoE promotes academic, private, and public partnerships to generate academic research, provides training and learning opportunities, promotes knowledge sharing, and augments resources and capabilities in the professional market to mitigate insider threats to Canadian organizations and critical infrastructure. The scope of its services are offered to all Canadian federal, provincial, territorial (FPT) and indigenous organizations—with a particular focus on fostering critical infrastructure (CI) resiliency—subject to resourcing.
The CInRM CoE fosters an interdisciplinary approach to insider risk management towards the promotion of industry best practices and innovation within an evolving threat environment. Funded by industry contributions and research grants, we offer a national and centralized capability on all matters related to insider risk management. Our products and services include research and analysis, facilitating workshops and knowledge sharing events with subject matter experts, generating lessons learned, providing workplace training, and advocating for new initiatives to enhance Canada’s collective resiliency against insider threats. This work is established on a foundation of information sharing among a trusted community of security, intelligence, and defence professionals.
In the current era of great power competition, effective insider risk management is imperative to safeguard national security, promote economic stability, and ensure the integrity of research and development, as it mitigates vulnerabilities that adversaries may exploit to undermine Canada’s strategic advantage and resilience. Our value proposition is based on providing a national benchmark on present-day standards and best practices on insider risk management for the larger Canadian community of practice. This is founded on academic research studies, consultation with industry subject matter experts, and the establishment of close partnerships with our counterparts in the international Five Eyes community.
.png)
Canadian Heraldic Authority, symbolism of the heraldic emblems of the Canadian Insider Risk Management Centre of Excellence
Arms: Black and red are colours long used by Carleton University, Ottawa, where the Centre was founded. The phoenix evokes the idea of renewal and transformation made possible by learning. The star is based on the compass rose used by many intelligence agencies and symbolizes the synthesizing of information from various sources to help reduce security risks.
Crest: The keys symbolize the idea of unlocking information and making it accessible to the general public. The maple leaves embody the organization's Canadian roots.
Motto: This Latin phrase, meaning "Identify and mitigate the risk," encapsulates the Centre's mission.
Supporters: The ravens are based on the supporters of the arms of Carleton University. Known for their intelligence and teamwork, they embody the characteristics that are required in best practices for the industry of insider risk management. The scrolls refer to knowledge which the Centre strives to create. The black of the steps, meanwhile, embodies the lack of accessible knowledge by alluding to a void. Together, they symbolize the Centre's mandate to promote greater awareness of insider risks to allow organizations to make better informed decisions.