Insider Threats: The Risk of Endpoint Access by Departing Employees

  • Mar 21, 2024 1:00 p.m.
  • Central Time (CT)
Course Level
Delivered via
100 minutes
Insider Threats: The Risk of Endpoint Access by Departing Employees


Insider threat programs are designed to reduce the risks of embezzlement, espionage, loss of strategic assets, sabotage and physical violence by current employees. However, departed employees pose a covert threat that could dismantle the pillars of your organizational security. Even though organizations know to disable access and credentials of departing employees, what safeguards should be put in place to ensure that direct or indirect access after termination has actually been done? 

In this webinar, you will review case studies that detail when an employee’s endpoint access was not disabled before an attack could be launched. In only one-third of the cases was there an economic gain to the employee, while the remaining cases involved sabotage and vandalism motivated by revenge. You will also learn about how the acts of sabotage were made possible by exploiting the same lapse in system controls, namely “backdoor” access.  


Understanding of employee onboarding and termination (employee exit management) procedures. Understanding of accounting system controls and permissions.

You Will Learn How To:

Recognize best practices for security and training for involuntary terminations.

Identify the cybersecurity risks that departed employees pose.

Create a program designed to prevent and detect security threats from both inside and outside your organization.  

CPE Information

CPE Credit: 2
Advanced Preparation: None.
Delivery Method: Group Internet Based

Credit by Field of Study

Information Technology: 2

Registration & Fees

Registration Fee:
Members: $110 
Non-Members: $150


Mark Nigrini, Ph.D. - Speaker


West Virginia University

Mark J. Nigrini is an associate professor of accounting at West Virginia University. His research passion for many years has been a phenomenon known as Benford’s Law which is related to the patterns of the digits in tabulated data. The smaller digits (1s, 2s, and 3s) are expected to occur more often in scientific and financial data and Benford’s Law has shown itself to be valuable to fraud examiners in their quest to uncover fraud in corporate data. His current research addresses insider threats, and more specifically the cybersecurity risks posed by former employees. 

Nigrini is the author of Forensic Analytics (Wiley, 2020) which describes analytic tests used to detect fraud, errors, estimates, and biases in financial data, and Benford's Law (Wiley, 2012). In 2014 he published an article in the Journal of Accountancy that was co-authored with Nathan Mueller, a fraudster. That article won the Lawler award for the best article in the Journal of Accountancy in 2014. Included in his array of academic publications is the lead article in the new premier forensic accounting journal, the Journal of Forensic Accounting Research. His recent publications include the lead article in the Nov/Dec 2020 issue of Fraud Magazine. His work has been featured in, amongst others, The Financial Times, New York Times, and The Wall Street Journal. His radio interviews have included the BBC in London, and NPR in the United States. His television interviews have included an interview on a fraud saga for the Evil Twins series for the Investigation Discovery Channel. He is a regular presenter at the ACFE’s Global Conferences and at events overseas such as Brazil’s Interforensics 2023. 

Christopher A. Ramezan, Ph.D., CISSP, CISM, CDPSE -


Assistant Professor of Cybersecurity
West Virginia University

Christopher A. Ramezan is an assistant professor of cybersecurity and the coordinator of the Master of Science in Business Cybersecurity Management program at West Virginia University.  He has taught numerous courses in networking and cybersecurity at the undergraduate, graduate, and executive education levels.  Currently he teaches courses on Data Communications and Networks, Operational Technology and Industrial Control System Security, Enterprise Security Architecture, and Cybersecurity Analytics.  His research interests include security architecture, federated learning approaches for cyber event detection in industrial control systems, cybersecurity workforce development and industry best practices, as well as applying machine learning and deep learning methods on multispectral and hyperspectral satellite imagery to solve remote sensing and geospatial problem sets. Ramezan’s research has been published in a variety of outlets including the Journal of Cybersecurity, Education, Research, and Practice, Journal of Information Systems Education, Remote Sensing, and the Journal of Photogrammetric Engineering and Remote Sensing, among others. 

Ramezan also serves as the academic lead for the U.S. National Team in the NATO Locked Shields cybersecurity exercise with the United States Cyber Command, Defense Information Systems Agency, and the West Virginia Army National Guard. Ramezan was also awarded the both the Dean’s Distinction in Teaching and Dean’s Distinction in Service awards in 2023, as well as the WV Educator of the Year (2023-2024) by the West Virginia American Legion.  Prior to joining academia, Ramezan worked in the cybersecurity field for nearly ten years in a variety of cybersecurity and IT roles, where he dealt a spectrum of cybersecurity issues, from developing organizational cybersecurity governance and strategy to identity and access management.  He also possesses over 20 industry cybersecurity certifications including the CISSP, CISM, CASP, and CDPSE. 


Event Cancellation Policy

Our cancellation policy is intended to keep costs low for attendees. Due to financial obligations incurred by ACFE, Inc., you must cancel your registration prior to the start of the event. Cancellations received less than 14 calendar days prior to an event start date are subject to a $100 administrative fee. No refunds or credits will be given for cancellations received on or after the start date of the event. Those who do not cancel and do not attend are responsible for the full registration fee. Should an event be cancelled or postponed by the ACFE due to unforeseen circumstances, the ACFE will process a full refund of registration fees within 30 days of such circumstances becoming known. The ACFE will attempt to notify affected customers by phone and email after it determines cancellation is necessary.

Satisfaction Guarantee

ACFE events are unmatched in scope and effectiveness and backed by our unconditional satisfaction guarantee. If you attend an ACFE event and are not completely satisfied, please contact an ACFE Member Services Representative at MemberServices@ACFE.com or call (800) 245-3321 / +1 (512) 478-9000.

Terms and Conditions


nasba-events-tos-image The Association of Certified Fraud Examiners, Inc. is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org.