The NITSIG
would like to invite its members, security professionals and other
interested individuals to our meetings. Non-NITSIG Members may attend.
Their is NO CHARGE to attend meetings.
Interested In Joining The NITSIG
NITSIG Membership Application
NITSIG Virginia Chapter Meetings
(TBD)
NITSIG Maryland Chapter Meetings
Next Meeting
February 11, 2020
9am - 1pm
Johns Hopkins University Applied Physics Laboratory, Laurel, Maryland
Topic Of Discussion
Insider Threat Detection On Computer Systems & Networks
The NITSIG will hold a meeting to discuss the findings of a workshop
that was held in 2019. The workshop was done in partnership with the
University of Maryland’s Applied Research Laboratory for Intelligence
and Security (ARLIS). The goals of the workshop were to answer key
questions related to Insider Threat Detection (ITD) on computer systems
and networks, and the use and procurement of vendor supplied software
tools designed to support Insider Threat detection and mitigation
efforts. Insider Threat Program Managers and Analysts from the Insider
Threat Community (U.S. Government / Private Sector) attended the
workshop and contributed their experiences and expertise.
The results of the workshop will be presented by Jim Henderson (Founder
/ Chairman NITSIG). A discussion panel will follow the presentation.
Individuals directly involved in ITD for computer systems and networks,
using ITDT's will answer questions.
Who Should Attend This Meeting?
ITP Managers / Senior Officials
Insider Threat Analysts
Facility Security Officers
ITP Working Group / Hub Stakeholders (Security, CSO, Human Resources, IT
Security, Legal / General Counsel, Counterintelligence Investigators,
Etc.)
CIO's / IT Security / CISO's Considering Purchasing An ITDT
Anyone Interested In Gaining In-Depth Knowledge Related To ITD On
Computer Systems / Networks
Meeting Registration (No Charge)
Presentation
Date:
February
12, 2019
Time:
9AM-1PM
Location:
Johns Hopkins University Applied Physics Laboratory (JHU-APL)
11100 Johns Hopkins Road
Laurel, MD 20723-6099
Parsons Auditorium / Building 1
Room S124
Parking:
Parking is available on the JHU-APL Campus. Parsons Auditorium
is located in Lobby 1. Enter the campus from Johns Hopkins Road onto APL
Drive. You may park in the lot on your left labeled for visitors,
adjacent to Lobby 1. You will enter the building at Lobby 1.
JHU-APL Campus Map
Who Should Attend?
Anyone managing or supporting an Insider Threat Program, or concerned
with proactive "Employee Threat Identification".
Registration Link
Note
You must be a U.S. Citizen to attend
this event. A valid Drivers License or U.S. Government issued ID is
required at the door.
Topic Of
Discussion
Insider Threat Detection And
Mitigation Using External Data Sources
Gathering and analyzing Internal data sources is very important
for Insider Threat Detection. Equally important is knowing what External
data sources are also available to create the "Big Picture" of potential
/ actual Insider Threats. (External Data Sources Overview)
Most companies
currently perform background screening on employees ONCE at the Pre-Hire
stage. This screening is a Point In Time Snapshot.
To be more proactive in detecting and mitigating Insider Threats, many
companies are using Post-Hire solutions, that allow the employer to Continuously monitor an employee for
Indicators of Concern.
With these solutions
companies can now proactively identify employee risk and pre-emptively
address a problem before it escalates.
This meeting will focus on the many External data sources that
are available from various companies, for organizations and businesses
that want to be provided with a 360 degree view into Employee Indicators
of Concern, and are concerned with proactive Employee Threat
Identification.
This meeting will
also provide insight into the possibility that your company's data may
be "For Sale" on the Dark Web, and how to locate it.
Presentation By Transunion
(Info)
Topic: Gaining
Employee Vulnerability Insights To Help Guide Resource Allocation
Speaker: Jeff
Huth, VP Product Management, TransUnion Public Sector
Overview
TransUnion monitors
over 1 billion people and 5 billion devices in advanced data centers
across the globe, which customers can access and leverage to gain
valuable insights into organizational and personal vulnerabilities that
puts you at risk.
Most organizations have limited resources for implementing an Insider
Threat Program, so conducting an anonymized financial risk analysis of
your population will help you better understand where to focus resource
expenditures.
Additionally, recent acquisitions increase TransUnion’s ability to
determine if devices (cell phones, laptops, etc.) used for fraudulent
activity are trying to access your networks.
Combined, these capabilities greatly increase insights into
vulnerabilities that help guide you in making decisions on how to spend
your limited budgets in the most efficient manner when it comes to
maturing your Insider Threat Programs.
Presentation
Presentation By ClearForce
(Info)
Topic: Early Identification Of Insider Risk
Speaker: Tom
Miller – CEO, ClearForce
Overview
ClearForce streams relevant content in real time to a market where
calendar-based batch decision making has been the norm.
We built ClearForce on a foundation of employee consent and
transparency. We put employee privacy at the forefront of enhancing
security.
We are not trying to solve this as a big data problem. We are not
scraping and searching for negative employee data, instead our solution
delivers real time event-based behavioral alerts of employee misconduct
and high-risk behavior occurring outside the workplace that typically
aligns to the pre-hire background checks, including criminal arrests and
leading indicators of financial stress.
We make all this possible by solving the regulatory hurdle of making
external data actionable with our patent pending, legally compliant
workflow, directly addressing FCRA and other EEOC requirements.
Presentation
Presentation By Thomson
Reuters (Info)
Topic: Overview
Of Online CLEAR Investigation Solutions
Speaker: Mark
Sullivan, CLEAR Investigative & Risk Solutions Regional Manager, CLEAR
Product Specialist
Overview
Connections,
Currency, Content, and Comprehension are all important components of an
effective ‘online’ investigation. CLEAR from Thomson Reuters delivers
all four of these pillars in solution with strong preference in local,
state, and federal law enforcement as well as with corporate security
professionals nationwide.
Uncovering red flags through hidden, and unhidden, connections may be
the difference between a successful and unsuccessful investigation.
Ensuring consistent access to current information versus data that may
be weeks, months, or even years old increases the ability to create
actionable insights in an investigation. In many normal contexts
duplication may seem to be a bad thing but during an investigation or
scenario where monitoring is required duplication and transparency
across data sources minimizes the chances of an ‘unturned stone.’
Finally, without the ability to quickly comprehend, remediate false
positives, and make meaningful decisions off of information returned,
the advantages of sound monitoring/investigative procedures quickly
diminish.
During this overview we will touch briefly on the history of CLEAR and
how it can be an important part of solving some of these key challenges.
Presentation By Kroll
(Info)
Topic: Is Your Company Data For Sale On The Dark Web?
Speaker: Keith
Wojcieszek, Former U.S. Secret Service Cyber Intelligence Section
Supervisory Special Agent, Criminal Investigation Division
Overview
Why Is Dark Web
Monitoring Important?
What Useful Threat Intelligence Can You Find On The Dark Web?
Unscrupulous workers who
sell their employers’ secrets are nothing new. But a rise in websites
dedicated to white collar crime is making the practice easier than ever,
and leading more Insiders to peddle confidential information.
In one recent case, a multinational software company prevented the
sale of highly sensitive source code of yet-to-be-released enterprise
software. The threat actor turned out
to be an Insider who was working for the company. He stole the code and
was attempting to sell it on the underground for $50,000.
How The Dark Web Presents New Insider Threats
Defend Your Data As Insiders Monetize Their Access
Insider
Trading On The Dark Web On The Rise
Insider Threats Escalate And Thrive On The Dark Web
Firms Urged To Scour Dark Web For Breached Data
RedOwl Report - Monetizing The Insider Through The Dark Web
Date:
March 2, 2018
Time:
9AM-12PM
Location:
Johns Hopkins University Applied Physics Laboratory (JHU-APL)
11100 Johns Hopkins Road
Laurel, MD 20723-6099
Parsons Auditorium / Building 1
Room S124
Parking:
Parking is available on the JHU-APL Campus. Parsons Auditorium
is located in Lobby 1. Enter the campus from Johns Hopkins Road onto APL
Drive. You may park in the lot on your left labeled for visitors,
adjacent to Lobby 1. You will enter the building at Lobby 1.
JHU-APL Campus Map
Topic Of
Discussion
Protecting Controlled Unclassified
Information (CUI)
Background On Protecting CUI
On November 4, 2010, the President signed
Executive Order 13556, Controlled Unclassified Information. The
Executive Order established a government wide CUI Program to standardize
the way the executive branch handles unclassified information that
requires protection. It designated the National Archives and Records
Administration (NARA) as the Executive Agent to implement the program.
The Archivist of the United States delegated these responsibilities to
the Information Security Oversight Office.
The requirements for the protection of CUI provide a set of “minimum”
security controls for contractor information systems upon which CUI is
processed, stored on, or transmitted through. These security controls
must be implemented at both the contractor and subcontractor levels
based on the information security guidance in
NIST Special Publication (SP) 800-171: Protecting Controlled
Unclassified Information In Non-Federal Information Systems And
Organizations.
The CUI protection requirements are intended for use by federal agencies
in contractual vehicles or other agreements established between those
agencies and nonfederal organizations. Failure to implement the security
controls to protect CUI, would be a breach of contract.
For an Insider Threat Program to be robust and effective, it must be
built upon an established security foundation within an organization.
The NIST SP 800-171 covers many security controls that can support
Insider Threat Risk Mitigation.
This meeting is also very well suited for any organization or business
that is not required to protect CUI, but is looking to enhance their
Information Systems Security Program / Insider Threat Program.
Presentation # 1
Presentation -
Topic Of Discussion
Protecting Controlled Unclassified Information (CUI)
This presentation will provide the attendees with an overview of the CUI
Program, its origins, and review the safeguarding elements found in the
CUI implementing directive 32 CFR Part 2002.
Speaker
Mark Riddle
Information Security Oversight Office
Senior Program Analyst
Lead for Controlled Unclassified Information Program Oversight
Presentation # 2
Presentation -
Topic Of Discussion
Going Beyond Compliance Requirements For Protecting Controlled
Unclassified Information
This presentation will focus on understanding simple techniques that
"Malicious Insiders" can use to exfiltrate data and other valuable
information from within an organization. These techniques have
successfully been used to exfiltrate sensitive business information
during Insider Threat Risk Assessments. Understanding the "Malicious
Insiders Playbook" of options is critical.
Speakers
Jim Henderson: Insider Threat Risk Mitigation Expert
NITSIG Founder / Chairman
CEO Insider Threat Defense, Inc.
(Bio)
Warren Holt
NITSIG Board Member / Technical Director
Technical Director, Data Loss Prevention (DLP) For Aveshka, Inc.
(Bio)
Link To NITSIG Meeting Tickets On Eventbrite:
The cost to attend is FREE. Please visit the link below to
reserve your seat at the meeting. Seating is limited, so please register
early.
https://www.eventbrite.com/e/national-insider-threat-special-interest-group-meeting-3-2-18-tickets-42912092223
Date:
February 9, 2017
Time:
10AM-1PM
Location:
Johns Hopkins University Applied Physics Laboratory (JHU-APL)
11100 Johns Hopkins Road
Laurel, MD 20723-6099
Parsons Auditorium / Building 1
Room S124
Parking:
Parking is available on the JHU-APL Campus. Parsons Auditorium
is located in Lobby 1. Enter the campus from Johns Hopkins Road onto APL
Drive. You may park in the lot on your left labeled for visitors,
adjacent to Lobby 1. You will enter the building at Lobby 1. .
JHU-APL Campus Map
Topic:
Workplace
Violence (10AM-11AM)
Presented By:
Occupational Safety and Health Administration (OSHA)
Presentation
Topics:
-
Workplace Violence Overview (Threats,
Verbal Abuse, Physical Assaults, Homicide)
-
How To Recognize Workplace Violence
Indicators
-
Employer Responsibilities By Law To
Provide A Safe Workplace
-
Employee Rights
-
Implementing A Workplace Violence
Prevention Program
-
Reporting An Unsafe Workplace To OSHA
Topic:
Civilian Response To Active Shooter
Events
(11AM-1PM)
Presented By:
Maryland State Police
Presentation
Topic:
-
The Civilian Response to Active Shooter
Events (CRASE) presentation is designed and built on the Avoid, Deny,
Defend strategy developed by the Advanced Law Enforcement Rapid Response
Training (ALERRT). The presentation provides strategies, guidance and a
proven plan for surviving an active shooter event.
Link To NITSIG Meeting Tickets On Eventbrite:
The cost to attend is FREE. Please visit the link below to
reserve your seat at the meeting. Seating is limited, so please register
early.
https://www.eventbrite.com/e/national-insider-threat-special-interest-group-meeting-2-9-17-tickets-31099485398
Date:
September 7, 2016
Time:
10AM-1PM
Location:
Johns Hopkins University Applied Physics Laboratory (JHU-APL)
11100 Johns Hopkins Road
Laurel, MD 20723-6099
Parsons Auditorium / Building 1
Room S124
Parking:
Parking is available on the JHU-APL Campus. Parsons Auditorium
is located in Lobby 1. Enter the campus from Johns Hopkins Road onto APL
Drive. You may park in the lot on your left labeled for visitors,
adjacent to Lobby 1. You will enter the building at Lobby 1. When you
leave for the day, please stop by the receptionist desk to receive the
parking code for the visitors parking lot.
JHU-APL Campus Map
Topic:
Insider Threat
Program Development For NISPOM Conforming Change 2
-
The meeting will be
exclusively focused on Insider Threat Program Development per the
requirements of NISPOM Conforming Change 2 - Insider Threat.
-
Industry recognized
Insider Threat Risk Mitigation Subject Matter Experts will provide
attendees with "Real World" guidance for Insider Threat Program
development, implementation and management.
-
Items Of Discussion
To Include;
-
Legal Considerations
For Insider Threat Programs (Licensed Attorney On Panel)
-
Insider Threat
Program Working Group / Hub
-
Insider Threat Program Implementation Plan
NISPOM
Conforming Change 2- Insider Threat Program Requirements
NISPOM 1-202 requires Defense Industrial Base (DIB) Contractors
to establish and maintain an Insider Threat Program that will gather,
integrate, and report relevant and available information indicative of a
potential or actual insider threat. Contractors must have a written
Insider Threat Program Implementation Plan in place to begin
implementing insider threat requirements of NISPOM Change 2 no later
than November 30, 2016
http://www.dss.mil/it/index.html
Link To NITSIG Meeting Tickets On Eventbrite:
The cost to attend is FREE. Please visit the link below to
reserve your seat at the meeting. Seating is limited, so please register
early.
https://www.eventbrite.com/e/national-insider-threat-special-interest-group-meeting-9-7-16-tickets-27013744838
Bio’s Of
Supporting Speakers / Panel Members:
Jim Henderson – Founder / Chairman Of NITSIG
CEO Insider Threat Defense, Inc.
Insider Threat Program Development Training Course Instructor / Insider
Threat Risk Mitigation Analyst
-
Mr. Henderson has
trained a provided Insider Threat Program Development Training /
Services to 350+ organizations; U.S. Government Agencies, Defense
Industrial Base (DIB) contractors, NCMS Members / Chapters, Defense
Security Service, Critical Infrastructure Providers, Aviation / Airline
Security Professionals, Banking / Financial Institutions, large and
small businesses. (National Insider Threat Policy & NISPOM Conforming
Change 2)
-
Mr. Henderson
previously worked for the DoD Insider Threat Counterintelligence (ITCIG)
Group (DoD Contractor), and assisted the DoD ITCIG in establishing a
comprehensive and structured DoD Enterprise Insider Threat Program (ITP)
Risk Management Framework (RMF). The ITP RMF integrated the security
disciplines of Counterintelligence (CI), Security and Information
Assurance (IA). The ITP RMF defined the baseline activities to be
conducted by DoD Combatant Commands, Services and Agencies to support
their ITP's. The National Insider Threat Policy was built off of the ITP
RMF.
Mike Miller –
NITSIG Co-Chair
Chief Operating Officer; Vice President, Insider Threat Program
Coordinator
Tanager, Inc.
-
In 2014 Mr. Miller
was selected as the Co-Chair for the National Insider Threat Special
Interest Group (NITSIG). The NITSIG was chartered to help facilitate
Insider Threat Program information collaboration between the various
stakeholders tasked with implementing and supporting the insider threat
mission.
-
Mike Miller serves
as the Chief Operating Officer and Vice President in charge of all
Insider Threat Programs at Tanager. Mr. Miller is responsible for all
Tanager Insider Threat Programs across the Intelligence Community,
Department of Defense, Federal agencies and commercial sector. Mr.
Miller has played a valuable role in the insider threat mission maturity
across the Intelligence Community and Department of Defense.
-
Mr. Miller is the
Insider Threat Program coordinator for Tanager’s Insider Threat Program
and was responsible for developing a robust program consisting of a
charter, Concept of Operations (CONOPS), User Activity Monitoring (UAM)
and data correlation / link analysis solution for protecting Tanager’s
employees, data and customers.
Shawn Thompson, Esq. - NITSIG Board Member / Legal Advisor
Insider Threat
Management Group, LLC
Insider Threat Risk Mitigation Specialist / Lawyer (Corporate Legal
Services)
-
Mr. Thompson of ITMG
is a Licensed Attorney, former Federal Prosecutor, Special Agent, and
Insider Threat Program Manager. Mr. Thompson's in-depth experience and
understanding of the intricacies of developing, implementing and
managing an Insider Threat Program are unmatched. (Privacy Concerns,,
User Activity Monitoring, Investigations, Etc.) Mr. Thompson is a member
of the Maryland Bar Association.
Mr. Thompson has;
-
Successfully
prosecuted numerous economic espionage cases.
-
Successfully
investigated several high profile insider threat cases.
Provided expert assessments and briefings on insider threats to the
highest levels of government.
-
Been a pioneer in
the field of insider risk management.
-
Deep knowledge of
how to properly assess insider risks and create and manage insider
threat programs.
-
Been an experienced
trusted broker having advised both government and corporations on how to
effectively prevent, detect, and mitigate insider threats.
-
Mr. Thompson has
served in numerous high profile positions:
-
Chairman, Insider
Threat Mission Group, Office of the Director of National Intelligence
-
Insider Threat
Program Manager, United States Department of Defense
-
Special Assistant
United States Attorney, United States Attorney's Office
-
Senior Litigation
Attorney, United States Department of Defense
-
Assistant General
Counsel, FBI
-
Special Assistant
United States Attorney, United States Attorney's Office
-
Mr. Thompson has
been involved with creating and managing Insider Threat Programs for
numerous federal agencies. His work with the National Insider Threat
Task Force led to the creation of the National Insider Threat Policy and
Minimum Standards for Executive Agencies.
Dr. Robert Gallagher - NITSIG Board Member / Scientific Director
Operational Psychologist
Senior Partner And Director Of Psychological Consultation And Training
Guardian Defense Group
-
Dr. Gallagher has
extensive experience exploring the human side of espionage and insider
threat. As a licensed psychologist, former military intelligence officer
and counterintelligence special agent, he has had the opportunity to
study and apply his knowledge of human dynamics in an array of settings.
He has supported both offensive and defensive intelligence /
counterintelligence, SOF and cyber operations. Additionally, he has
personally participated in hundreds of strategic and tactical military
and intelligence operations on six continents.
-
Prior to joining the
private sector Dr. Gallagher served as:
Chief of Behavioral Sciences at the Defense Counterintelligence and
HUMINT Center
-
Founder of the
prestigious National Security Psychology Symposium
-
Chief of Enterprise
Screening at the Defense Intelligence Agency
-
Counterintelligence
Psychologist with the Office of Security at the National Security Agency
-
Special Duty
Screener, with the USAF and Air Intelligence Agency
-
Currently, Dr.
Gallagher is a Senior Partner and Director of Psychological Consultation
and Training with Guardian Defense Group (GDG). GDG is a Service
Disabled Veteran Owned Small Business consisting of a unique blend of
operational psychologists and former Special Operations operators
supporting the counterintelligence, security and behavioral science
needs of public and private sector clients.
Trevor A Odell
Director, IT Security & Assurance
BAE Systems, Inc.
-
Mr. Trevor Odell joined
BAE Systems, Inc. in 2007 as the Manager of IT Security for the Land
and Armaments sector, working inside the Industrial Security
program. In December 2010 he joined headquarters staff as the
Director, IT Security and Assurance working for Thomas Langer, VP of
Security – BAE Systems, Inc.
-
Mr. Odell in his current
role, he is focused on Enterprise Risk Management as evidenced in
FOCI Mitigation, ECP compliance, Security Governance and
Counterintelligence / Cyber Risk Management, Insider Threat
Management and the protection of Customer, Company and National
Security Information. As part of his Counterintelligence work, he
spends one day each week in Quantico as BAE Systems representative
to the Counterintelligence Partnership with Industry Program run by
DSS. Although his work is primarily governance and strategic in
nature, he works with all lines of business on a weekly basis
ensuring the appropriate levels of protection are applied to
business initiatives to minimize risk to the information entrusted
to us and maximize the ability of the business to operate
successfully.
-
Mr. Odell came to BAE
Systems after spending 10 years at Pitney Bowes, Inc. in various
security management roles both tactical and strategic. Pitney Bowes,
Inc. is the leading global provider of postal meters, mail enabling
technologies and mail integration solutions with 30,000 employees
worldwide.
-
Prior to Pitney, Mr. Odell spent 5 years working at global specialty
chemical company - Witco, as a network security engineer / architect
with identity and access control responsibilities serving operations
in 7 countries and before that as the systems / network engineer and
software developer for the leading provider of IPO Management
Services for Wall Street, CommScan. In his work at CommScan, he
interacted daily with senior executives and business partners at all
of the investment banks in the U.S. and the majority of the major
international investment banks.'
-
Mr. Odell has spoken at
security conferences on subjects ranging from “Strategies for the
protection of Personally Identifiable Information (PII), including
social security numbers, credit card data, financial information and
personal health information (PHI)”, “Cloud Security” and most
recently “Using Open Source Intelligence for Reconnaissance”. In the
past he hosted several webinars focused on educating attendees on
the effective implementation of data loss prevention solutions.
-
Mr. Odell holds a Bachelor of Fine Arts degree from Ithaca College,
in Ithaca NY.
Date:
April 26, 2016
Time:
10AM-1PM
Location:
Johns Hopkins University Applied Physics Laboratory (JHU-APL)
11100 Johns Hopkins Road
Laurel, MD 20723-6099
Parsons Auditorium / Building 1
Room S124
Parking
Parking is available on the JHU-APL Campus. Parsons Auditorium is
located in Lobby 1. Enter the campus from Johns Hopkins Road onto APL
Drive. You may park in the lot on your left labeled for visitors,
adjacent to Lobby 1. You will enter the building at Lobby 1. When you
leave for the day, please stop by the receptionist desk to receive the
parking code for the visitors parking lot.
JHU-APL
Campus Map
NISTIG
Meeting Announcement / Agenda 4-26-16
Link To Sign Up For
Free Ticket
Presentations /
Topics Of
Discussion
Active Shooter & Hostile Incident Response
Presentation By: TFC Travis Nelson, MD State Police Law Enforcement
Liaison, MD Emergency Management Agency
This presentation will review the interdisciplinary response of
Fire, EMS, Police and Emergency Management to an active assailant or
potentially volatile incident. It will review security and safety
concerns on scene and how to quickly access patients while the incident
is evolving. The course will examine methods on how to integrate all
partners necessary to plan and manage the incident. Class attendees and
instructors will have an informal discussion on available equipment,
implementing state guidance locally and how to begin planning.
Insider Threat Incidents / Case Studies & Indicators
Presentation By: FBI Special Agent (SA) Sharp, FBI Insider Threat
Center
FBI Special Agent (SA) Sharp will present case studies on recent
insider threat investigations with an emphasis on indicators displayed
by the subject and the victim organization’s responses. SA Sharp will
present on physical as well as cyber insider threats.
Employee Continuous Evaluation & Screening Service
Presentation By; Peter Collins
IDentrix Employee Continuous Evaluation & Screening Service
-
IDentrix is a division InfoZen. InfoZen is the company that provides
the Secure Flight Program to the U.S. Government, screening 2
million names a day.
IDentrix is a very affordable web based "Employee Continuous
Evaluation Screening Service".
-
IDentrix monitors approx. 1000 sources of information for
information that may be of concern to companies about their
employees. Risk Alerts pertaining to 65 plus different attributes
including criminal, civil, sanctions, professional licenses, etc.
Most importantly it actively monitors each individual daily for
various types of activities that may have a negative impact on their
ability to fulfill their roles in compliance with established
regulations. As you probably realize, traditional background checks
which are completed at timed intervals may not reflect any
activities over the last few years. A company will receive an alert
from within 10 minutes to 24 hours after a new potential negative
data source has been discovered about an individual. Screening
services are available daily, weekly or monthly.
-
During a 3 month period that the End User / Client used the IDentrix
Continuous Monitoring Service, IDentrix identified over 800 identity
changes, of which twenty four (24) actionable alerts were deemed to
disqualify the noted persons from continued participation in their
current regulated duties. Thus protecting the client from potential
risk due to unacceptable activities.
IDentrix Website
IDentrix Overview Video - YouTube
IDentrix Demo
IDentrix offers a free live 30 minute demo, during which time
you’ll be able to see the unique features and data coverage offered as
part of the solution.
Sign Up For Demo
Bio’s Of Guest
Speakers
TFC Travis Nelson, MD State Police Law Enforcement Liaison, MD Emergency
Management Agency
-
Trooper First Class Travis Nelson is currently assigned to the
Special Operations Division of the Maryland State Police. He is
detailed as a law enforcement liaison to the Maryland Emergency
Management Agency (MEMA.)
-
Travis serves as the co-chair for the Maryland Active Assailant
Interdisciplinary Workgroup and works with the Maryland Institute
for Emergency Medical System Services (MIEMSS) to lead a statewide
effort to provide guidance for all responders to hostile events.
-
He is the chair of the recently established Maryland Search and
Rescue Coordination Workgroup, technical lead of the Maryland
Prevention and Protection Workgroup and serves on the Region III
Advisory Council for the Federal Emergency Management Agency (FEMA.)
-
Prior to, he was assigned to MEMA as a regional liaison officer, MSP
Special Events Unit, MSP Human Resources Division and MSP
Centreville Barrack.
-
Travis is the current Director of Career Services at the Kent &
Queen Anne’s Rescue Squad in Chestertown, MD and certified as a
medic, rescue diver and firefighter. He previously worked for Kent
County 9-1-1, Queen Anne’s County 9-1-1 and Queen Anne’s County EMS.
FBI
Special Agent (SA) Sharp, FBI Insider Threat Center
-
Special Agent Dewayne Sharp joined the FBI in January 2001 and was
assigned to the Chicago Field Office initially to work
counterintelligence investigations of intelligence officers from
various threat countries. He was subsequently assigned to economic
espionage and technology transfer investigations related to the
three Department of Energy laboratories in the Chicago area.
-
In January 2009, SA Sharp was promoted to Supervisory Special Agent
at FBI headquarters in the Counterintelligence Division managing
threat country investigations and operations against foreign
intelligence targets. In June 2011, SSA Sharp transferred to the
Counterespionage Section where he investigated and managed the
investigations of FBI personnel suspected of spying for foreign
countries.
-
In June 2014, SSA Sharp became the second member of the FBI’s
Insider Threat Center and currently leads a risk management unit.
His unit evaluates insider threat risks as they relate to FBI
personnel, critical assets and security programs and presents risk
mitigation options to Executive Management for decision.
-
Prior to the FBI, SSA Sharp served eight years as a US Army officer
in multiple assignments around the world. He is a graduate of the
United States Military Academy at West Point and has a Bachelor’s
degree in Military History with a minor in Computer Science.
The NITSIG
welcomes input from attendees at the meeting. A collaborative
environment with information sharing is a first step at insider threat
risk mitigation.
PAST MEETING
Date:
February 18, 2016
Time:
10AM-1PM
Location:
Johns Hopkins University Applied Physics Laboratory (JHU-APL)
11100 Johns Hopkins Road
Laurel, MD 20723-6099
Parsons Auditorium / Building 1
Room S124
Parking
Parking is available on the JHU-APL Campus. Parsons Auditorium is
located in Lobby 1. Enter the campus from Johns Hopkins Road onto APL
Drive. You may park in the lot on your left labeled for visitors,
adjacent to Lobby 1. You will enter the building at Lobby 1. When you
leave for the day, please stop by the receptionist desk to receive the
parking code for the visitors parking lot.
JHU-APL
Campus Map
NISTIG
Meeting Announcement 2-18-16
Link To Sign Up For
Free Ticket
https://www.eventbrite.com/e/national-insider-threat-special-interest-group-meeting-2-18-16-tickets-21415345876
Presentations /
Topics Of
Discussion
Insider Threats From A
Human Resources Perspective
Presentation By: Mrs. Jordan C. Meadows, Security Program Analyst,
Rolls-Royce North America
-
How Human Resources
addresses discovered issues on an applicant’s background screening.
-
Security’s requirement
to verify citizenship for all non-direct hire personnel.
-
Employee Risk – A review
of disgruntled employees who are disgruntled with the company’s
direction, organizational changes and / or their own personal growth
within the company.
-
Risk Related Issues –
Risk associated to employee performance development reviews,
employee terminations/withdrawals and employees who leave and come
back to the company.
-
Reports of employee
suspicious activity / behavior.
-
Discussion of two actual
insider threat cases that resulted in prosecution.
Insider Threats From A
Legal Perspective
Presentation By: Mark Zaid, Attorney At Law
Securonix Big Data
Analytics
Presentation By: John Menkart
The Securonix Platform is a purpose-built advanced security
analytics technology that mines, enriches, analyzes, scores and
visualizes customer data into actionable intelligence on the highest
risk threats from within and outside their environment. Using
signature-less anomaly detection techniques that track users, account,
and system behavior Securonix is able to automatically and accurately
detect the most advanced data security, insider threats and fraud
attacks.
Securonix Insider Threat Management
Bio’s Of Guest
Speakers
Mr. Mark Zaid
For over two decades, Mark S. Zaid, Esq. has fought to guarantee
the rights of former, current, and prospective civilian federal
employees, defense contractors, members of our active duty and reserve
military, and journalists, particularly when they are threatened by the
overshadowing spectre of national security. His representation has
ranged from high-profile Members of Congress to covert CIA operations
officers whose names will never be revealed, from politically
controversial cases to stealth efforts to obtain historic records. Using
a variety of tools—including the Executive, Judicial and Legislative
branches, as well as the media—Mr. Zaid and his law firm have helped
clients navigate the shadow world of national security, First Amendment,
federal employment, and administrative law.
http://www.markzaid.com
Mrs. Jordan C. Meadows
Mrs. Jordan Meadows currently serves as the Rolls-Royce North
America Security Program Analyst. Mrs. Meadows joined Rolls-Royce in
2011, after serving as the Private Sector Liaison Coordinator for the
State of Indiana’s Intelligence Fusion Center. As the Private Sector
Liaison Coordinator, Mrs. Meadows developed and managed the Midwest’s
first private sector intelligence program which resulted in the
successful recruitment and intelligence outreach to over 300 private
sector partners from Illinois, Indiana, Kentucky and Ohio.
As the Executive Officer for the Indiana Department of Homeland
Security, Mrs. Meadows managed a variety of analytical and emergency
management programs. Mrs. Meadows developed and implemented the
department’s internship program, developed emergency management and
business continuity plans for various businesses and companies
throughout the State of Indiana, and was responsible for developing and
submitting various presidential disaster declarations on behalf of the
state.
Mrs. Meadows received her BS in Psychology from Indiana State University
and attended Thomas M. Cooley School of Law in Lansing, MI. After
attending law school, Mrs. Meadows worked as an Analyst and Investigator
for the Office of the Indiana Attorney General. In 2006, Mrs. Meadows
received a MS in Psychology from Capella University with a focus in
forensics.
PAST MEETING
Date:
January 20, 2016
Time:
10AM-1PM
Location:
Johns Hopkins University Applied Physics Laboratory (JHU-APL)
11100 Johns Hopkins Road
Laurel, MD 20723-6099
Parsons Auditorium / Building 1
Room S124
Parking
Parking is available on the JHU-APL Campus. Parsons Auditorium is
located in Lobby 1. Enter the campus from Johns Hopkins Road onto APL
Drive. You may park in the lot on your left labeled for visitors,
adjacent to Lobby 1. You will enter the building at Lobby 1. When you
leave for the day, please stop by the receptionist desk to receive the
parking code for the visitors parking lot.
JHU-APL
Campus Map
Topic: Insider
Threat Program Development From A To Z
The meeting will be exclusively focused on Insider Threat Program
Development per the requirements of NISPOM Conforming Change 2 - Insider
Threat. Industry recognized Insider Threat Risk Mitigation Subject
Matter Experts will provide attendees with "Real World" guidance for
Insider Threat Program Development, Implementation, Management and
Support.
NISPOM Conforming
Change 2
Defense
Industrial Base (DIB) Contractors will soon be required to implement an
Insider Threat Program. NISPOM Conforming Change 2 is close to becoming
a mandatory requirement in late 2015, early 2016. Once these
requirements are signed and released DIB contractors will have 6 months
for implementation.
More
Info:
NISPOM Conforming Change 2 - Insider Threat Program Requirements
Topics Of
Discussion:
-
The
Requirements For NISPOM Conforming Change 2 - Insider Threat
-
The
Essential Elements Needed For Successful Insider Threat Program
Development And Insider Threat Risk Mitigation
-
Defining The Scope Of An Insider Threat Program
-
Developing, Implementing, Managing Or Supporting An Insider Threat
Program With An Insider Threat Risk Management Framework / Insider
Threat Program Hub / Insider Threat Program Working Group
-
Creating An Insider Threat Program Policy (Templates Supplied)
-
What
Are The Essential Data Sources That Will Support An Insider Threat
Program (Data Collection and Analysis)
-
The
Behavioral Indicators Of Concern To An Insider Threat Program
(Witting, Unwitting)
-
Building Insider Threat Awareness Into The Workforce To Detect And
Report Potential Insider Threats
-
Detecting Activity Indicative Of Insider Threat Behavior With User
Activity Monitoring Tools (Demo)
The NITSIG
welcomes input from attendees at the meeting. A collaborative
environment with information sharing is a first step at insider threat
risk mitigation.
Link To NITSIG Meeting Tickets On Eventbrite:
The cost
to attend is FREE. Please visit the link below to reserve your seat at
the meeting. Seating is limited, so please register early.
http://www.eventbrite.com/e/national-insider-threat-special-interest-group-meeting-1-20-16-tickets-19974454130
Bio’s Of
Supporting Speakers / Panel Members:
Jim Henderson – Founder
/ Chairman Of NITSIG
CEO Insider Threat
Defense, Inc.
Insider Threat Program Training Course Instructor / Insider Threat Risk
Mitigation Analyst
-
Mr.
Henderson has trained a substantial number of U.S. Government
Agencies (DoD, IC), DIB Contractors, Critical Infrastructure
Providers, large and small businesses on Insider Threat Program
Development, Implementation, Management and Support.
-
Mr.
Henderson previously worked for the DoD Insider Threat
Counterintelligence (ITCIG) Group (DoD Contractor), and assisted the
DoD ITCIG in establishing a comprehensive and structured DoD
Enterprise Insider Threat Program (ITP) Risk Management Framework (RMF).
The ITP RMF integrated the security disciplines of
Counterintelligence (CI), Security and Information Assurance (IA.
The ITP RMF defined the baseline activities to be conducted by DoD
Combatant Commands, Services and Agencies to support their ITP's.
The National Insider Threat Policy was built off of the ITP RMF.
Mike Miller – NITSIG Co-Chair
Chief Operating Officer; Vice President, Insider Threat Program
Coordinator
Tanager, Inc.
-
In
2014 Mr. Miller was selected as the Co-Chair for the National
Insider Threat Special Interest Group (NITSIG). The NITSIG was
chartered to help facilitate Insider Threat Program information
collaboration between the various stakeholders tasked with
implementing and supporting the insider threat mission.
-
Mike
Miller serves as the Chief Operating Officer and Vice President in
charge of all Insider Threat Programs at Tanager. Mr. Miller is
responsible for all Tanager Insider Threat Programs across the
Intelligence Community, Department of Defense, Federal agencies and
commercial sector. Mr. Miller has played a valuable role in the
insider threat mission maturity across the Intelligence Community
and Department of Defense.
-
Mr.
Miller is the Insider Threat Program coordinator for Tanager’s
Insider Threat Program and was responsible for developing a robust
program consisting of a charter, Concept of Operations (CONOPS),
User Activity Monitoring (UAM) and data correlation / link analysis
solution for protecting Tanager’s employees, data and customers.
Dr. Robert Gallagher -
NITSIG Board Member / Scientific Director
Operational Psychologist
Senior Partner And Director Of Psychological Consultation And Training
Guardian Defense Group
-
Dr. Gallagher has extensive experience exploring the human side of
espionage and insider threat. As a licensed psychologist, former
military intelligence officer and counterintelligence special agent,
he has had the opportunity to study and apply his knowledge of human
dynamics in an array of settings. He has supported both offensive
and defensive intelligence / counterintelligence, SOF and cyber
operations. Additionally, he has personally participated in hundreds
of strategic and tactical military and intelligence operations on
six continents.
-
Prior to joining the
private sector Dr. Gallagher served as:
-
Chief of
Behavioral Sciences at the Defense Counterintelligence and
HUMINT Center
-
Founder of the
prestigious National Security Psychology Symposium
-
Chief of
Enterprise Screening at the Defense Intelligence Agency
-
Counterintelligence Psychologist with the Office of Security at
the National Security Agency
-
Special Duty
Screener, with the USAF and Air Intelligence Agency
-
Currently, Dr. Gallagher is a Senior Partner and Director of
Psychological Consultation and Training with Guardian Defense Group
(GDG). GDG is a Service Disabled Veteran Owned Small Business
consisting of a unique blend of operational psychologists and former
Special Operations operators supporting the counterintelligence,
security and behavioral science needs of public and private sector
clients.
Shawn Thompson –
NITSIG Board Member
Insider Threat Risk
Mitigation Specialist / Lawyer (Corporate Legal Services)
Vice President,
InfoTeK Corporation
-
Mr.
Thompson has over 15 years of experience investigating, prosecuting,
and managing insider threats. He is widely recognized for his
insider threat expertise and unparalleled scope and breadth of
experience.
-
Mr.
Thompson has;
-
Successfully prosecuted numerous economic espionage cases.
-
Successfully investigated several high profile insider threat
cases.
-
Provided expert assessments and briefings on insider threats to
the highest levels of government.
-
Been a pioneer in the field of insider risk management.
-
Deep knowledge of how to properly assess insider risks and
create and manage insider threat programs.
-
Been an experienced trusted broker having advised both
government and corporations on how to effectively prevent,
detect, and mitigate insider threats.
-
Mr.
Thompson has served in numerous high profile positions:
-
Chairman, Insider Threat Mission Group, Office of the Director
of National Intelligence
-
Insider Threat Program Manager, United States Department of
Defense
-
Special Assistant United States Attorney, United States
Attorney's Office
-
Senior Litigation Attorney, United States Department of Defense
-
Assistant General Counsel, FBI
-
Special Assistant United States Attorney, United States
Attorney's Office
-
Mr.
Thompson is the Vice President for Enterprise Security Risk
Management at InfoTeK Corporation. In that capacity, he manages a
robust and innovative risk management practice focusing on insider
threats and cyber security.
-
Mr.
Thompson has been involved with creating and managing Insider Threat
Programs for numerous federal agencies. His work with the National
Insider Threat Task Force led to the creation of the National
Insider Threat Policy and Minimum Standards for Executive Agencies.
Mr. Thompson is a Lawyer and also an active member of the Maryland
Bar providing corporate legal services pertaining to employee
investigations and security program creation.
Curtis H. Chappell,
ISP
Sr. Director, Corporate Security / Insider Threat Program Manager
DRS Technologies, Inc.
-
Mr.
Chappell is the Senior Director of Corporate Security at DRS
Technologies, Inc., a Proxy Company headquartered in Arlington, VA,
supporting Corporate Security oversight for all DRS Security
activities, including Program Manager for Insider Threat and FOCI
programs.
-
DRS
Corporate has recently received the James S. Cogswell Award and is a
two-time recipient of the DSS Award for CI Excellence.
-
DRS is
a leading supplier of integrated products, services and support to
military forces, intelligence agencies and prime contractors
worldwide. As Finmeccanica North America, DRS represents the U.S.
market as a wholly owned subsidiary of Finmeccanica S.p.A., one of
the top ten global players in Aerospace, Defense and Security.
Trevor A Odell
Director, IT Security & Assurance
BAE Systems, Inc.
-
Mr. Trevor Odell joined
BAE Systems, Inc. in 2007 as the Manager of IT Security for the Land
and Armaments sector, working inside the Industrial Security
program. In December 2010 he joined headquarters staff as the
Director, IT Security and Assurance working for Thomas Langer, VP of
Security – BAE Systems, Inc.
-
Mr. Odell in his current
role, he is focused on Enterprise Risk Management as evidenced in
FOCI Mitigation, ECP compliance, Security Governance and
Counterintelligence / Cyber Risk Management, Insider Threat
Management and the protection of Customer – Company – and National
Security Information. As part of his Counterintelligence work, he
spends one day each week in Quantico as BAE Systems representative
to the Counterintelligence Partnership with Industry Program run by
DSS. Although his work is primarily governance and strategic in
nature, he works with all lines of business on a weekly basis
ensuring the appropriate levels of protection are applied to
business initiatives to minimize risk to the information entrusted
to us and maximize the ability of the business to operate
successfully.
-
Mr. Odell came to BAE
Systems after spending 10 years at Pitney Bowes, Inc. in various
security management roles both tactical and strategic. Pitney Bowes,
Inc. is the leading global provider of postal meters, mail enabling
technologies and mail integration solutions with 30,000 employees
worldwide.
Prior to Pitney, Mr. Odell spent 5 years working at global specialty
chemical company - Witco, as a network security engineer / architect
with identity and access control responsibilities serving operations
in 7 countries and before that as the systems / network engineer and
software developer for the leading provider of IPO Management
Services for Wall Street, CommScan. In his work at CommScan, he
interacted daily with senior executives and business partners at all
of the investment banks in the US and the majority of the major
international investment banks.'
-
Mr. Odell has spoken at
security conferences on subjects ranging from “Strategies for the
protection of Personally Identifiable Information (PII), including
social security numbers, credit card data, financial information and
personal health information (PHI)”, “Cloud Security” and most
recently “Using Open Source Intelligence for Reconnaissance”. In the
past he hosted several webinars focused on educating attendees on
the effective implementation of data loss prevention solutions.
-
In his career he has
worked under an alphabet soup of regulatory requirements including -
PCI-DSS, GLBA, HIPAA, PIPEDA, CANSPAM, EU Data Privacy, FDIC, BASEL
II, Sarbanes Oxley, and most recently the Laws and Regulations
governing the protection of Classified, Controlled Unclassified and
Export Controlled Information.
-
Mr. Odell holds a
Bachelor of Fine Arts degree from Ithaca College, in Ithaca NY.
PAST MEETING
Date:
September 17, 2015
Time:
10PM-12PM
Location:
Johns Hopkins University Applied Physics Laboratory (JHU-APL)
11100
Johns Hopkins Road
Laurel, MD 20723-6099
Parsons Auditorium / Building 1
Room S124
Parking
Parking is available on the JHU-APL
Campus. Parsons Auditorium is located in Lobby 1. Enter the campus from
Johns Hopkins Road onto APL Drive. You may park in the lot on your left
labeled for visitors, adjacent to Lobby 1. You will enter the building
at Lobby 1. When you leave for the day, please stop by the receptionist
desk to receive the parking code for the visitors parking lot.
JHU-APL
Campus Map
Link To NITSIG Meeting Tickets On Eventbrite:
The cost
to attend is FREE. Please visit the link below to reserve your seat at
the meeting. Seating is limited, so please register early.
https://www.eventbrite.com/e/national-insider-threat-special-interest-group-meeting-9-17-15-tickets-17944701084
NITSIG Meeting Announcement / Agenda For September 17, 2015
Topics Of Discussion
Will Include;
-
Insider Threat Program Development
-
How To
Gain Buy-In And Support From Senior Management
-
The
Legal Aspects Of An Insider Threat Program (Civil Liberties,
Privacy, User Activity Monitoring, Investigations, Termination)
-
The
Importance Of Creating An Insider Threat Program Working Group
-
How To
Define The Scope Of An Insider Threat Program (Going Beyond National
Insider Threat Policy, NISPOM Conforming Change 2 Requirements)
-
The
Behavioral Indicators Of Concern To An Insider Threat Program
(Witting, Unwitting)
-
What
Are The Essential Data Sources That Will Support An Insider Threat
Program (Technical, Non-Technical)
-
How To
Build Insider Threat Awareness (ITA) Into The Workforce To Detect
And Report Potential Insider Threats (Free ITA Sources Available)
Bio’s Of Guest Speakers:
Neil C.
Carmichael, Jr. - National Archives And Records Administration (NARA)
Insider Threat Program (ITP) Manager
Serving As The NARA ITP Manager Mr. Carmichael:
Drafted the NARA Insider Threat Policy.
Developed staffing requirements for the Insider Threat Program and
drafted position descriptions and requirements for Insider Threat
Program Analyst and IT Security.
Developed NARA’s Insider Threat Program Training and Awareness Program.
Implemented an Insider Threat Detection and Prevention Program.
Coordinate NARA’s Insider Threat Program with the National Insider
Threat Task Force (NITTF).
Perform self-assessment for compliance with policies and standards
issued by the (NITTF).
Michael Caimona -
Boeing Integrated Information Systems (IIS)
Director Of Strategy For Boeing IIS
Mr.
Caimona in this capacity, is responsible for developing, communicating
and executing a complex business strategy for Boeing’s line of business
that supports the U.S. National Security Community.
Mr. Caimona also guides all of IIS's business operations for critical
mission areas to include Cyber Network Operations, national and local
law enforcement operations, Joint Department of Defense (DoD)
organizations, counter terrorism organizations, Insider Threat
Operations, Special Operations elements and several U.S. Federal
Civilian Departments.
Most recently, Mr. Caimona established Boeing’s Advanced Analytics Team
responsible for Insider Threat detection and mitigation.
Bio’s Of Supporting Speakers:
Jim Henderson – CEO Insider Threat Defense, Inc. / Founder-Chairman Of
NITSIG
Insider Threat Program Training Course Instructor / Insider Threat Risk
Mitigation Analyst
In 2014 Mr. Henderson created the NITSIG. The NITSIG is the largest
group of Insider Threat Risk Mitigation Professionals. The NITSIG
provides Insider Threat Risk Mitigation guidance to individuals working
for the: U.S. Government, DoD, IC, Defense Industrial Base contractors
and businesses.
Mr. Henderson currently teaches an Insider Threat Program Management
Training Course and provides Insider Threat Risk Mitigation Services to
U.S. Government agencies, the DoD, Defense Industrial Base contractors
and businesses.
Mr. Henderson previously worked for the DoD Insider Threat
Counterintelligence (ITCIG) Group (DoD Contractor), and assisted the DoD
ITCIG in establishing a comprehensive and structured DoD Enterprise
Insider Threat Program (ITP) Risk Management Framework (RMF). The ITP
RMF integrated the security disciplines of Counterintelligence (CI),
Security and Information Assurance (IA). The ITP RMF defined the
baseline activities to be conducted by DoD Combatant Commands, Services
and Agencies to support their ITP's. The National Insider Threat Policy
was built off of the ITP RMF.
Mike Miller – Tanager, Inc. / NITSIG Co-Chair
Chief Operating Officer; Vice President, Insider Threat Program
Coordinator At Tanager, Inc.
In 2014 Mr. Miller was selected as the Co-Chair for the National Insider
Threat Special Interest Group (NITSIG). The NITSIG was chartered to help
facilitate Insider Threat Program information collaboration between the
various stakeholders tasked with implementing and supporting the insider
threat mission.
Mr. Miller serves as the Chief Operating Officer and Vice President in
charge of all Insider Threat Programs at Tanager. Mr. Miller is
responsible for all Tanager Insider Threat Programs across the
Intelligence Community, Department of Defense, Federal agencies and
commercial sector. Mr. Miller has played a valuable role in the insider
threat mission maturity across the Intelligence Community and Department
of Defense.
Mr. Miller is the Insider Threat Program coordinator for Tanager’s
Insider Threat Program and was responsible for developing a robust
program consisting of a charter, Concept of Operations (CONOPS), User
Activity Monitoring (UAM) and data correlation / link analysis solution
for protecting Tanager’s employees, data and customers.
PAST MEETING
Date:
July 16, 2015
Time:
10PM-12PM
Location:
Johns Hopkins University Applied Physics Laboratory (JHU-APL)
11100
Johns Hopkins Road
Laurel, MD 20723-6099
Parsons Auditorium / Building 1
Room S124
Please Note: Guests will not need to go through the security perimeter.
Parking
Parking available on JHU-APL Campus.
Topics Of Discussion
Will Include;
-
Insider Threat Program Development & Implementation - (Jim Henderson
/ Mike Miller / Shawn Thompson)
-
Behavioral Indicators Of Concern - (Dr. Rob Gallagher / Guardian
Defense Group)
-
Legal Considerations When Developing / Managing An Insider Threat
Program (Attorney Shawn Thompson)
The NITSIG welcomes input from attendees at the meeting. A collaborative
environment with information sharing is a first step at insider threat
risk mitigation.
Link To NITSIG Meeting Tickets On Eventbrite:
The cost
to attend is FREE. Please visit the link below to reserve your seat at
the meeting. Seating is limited, so please register early.
https://www.eventbrite.com/e/national-insider-threat-special-interest-group-meeting-7-16-15-tickets-17445802866
Speaker's Bio's:
Jim Henderson
Jim is the CEO Insider Threat Defense and the Founder / Chairman Of The
NITSIG. Jim currently teaches an Insider Threat Program Management
Training Course to U.S. Government agencies, Defense Industrial Base
contractors and businesses. Jim previously worked for the DoD Insider
Threat Counterintelligence (ITCIG) Group (DoD Contractor), and assisted
the DoD ITCIG in establishing a comprehensive and structured DoD
Enterprise Insider Threat Program (ITP) Risk Management Framework (RMF).
The ITP RMF integrated the security disciplines of Counterintelligence
(CI), Security and Information Assurance (IA). The ITP RMF defined the
baseline activities to be conducted by DoD Combatant Commands, Services
and Agencies to support their ITP's. The National Insider Threat Policy
was built off of the ITP RMF.
Mike Miller
Mike Miller serves as the
Chief Operating Officer and Vice President in charge of all Insider
Threat Programs at Tanager. In this role, Mr. Miller’s has helped
establish Tanager as a respected, award-winning Cyber and Insider Threat
mitigation service provider, both regionally and nationwide. Under his
management, Tanager consistently achieves year-over-year growth,
expanding its customer base each year. Mr. Miller has over 21 years of
combined system engineering and insider threat experience, of which 16
of those years have been with Tanager.
For the first 16 years of Mr. Miller’s career he performed system
administration and system engineering services in the commercial sector,
Intelligence Community and National Security Agency. For the past 5 ½
years Mr. Miller has played a valuable role in the insider threat
mission maturity across the Intelligence Community and Department of
Defense. Mr. Miller is responsible for all Tanager Insider Threat
Programs across the Intelligence Community, Department of Defense,
Federal agencies and commercial sector. In 2014 Mr. Miller became
Co-Chair for the National Insider Threat Special Interest Group (NITSIG).
The NITSIG was chartered to help facilitate Insider Threat Program
information collaboration between the stakeholders tasked with
implementing and supporting the insider threat mission. Mr. Miller is
the Insider Threat Program coordinator for Tanager’s Insider Threat
Program and was responsible for developing a robust program consisting
of a charter, Concept of Operations (CONOPS), User Activity Monitoring (UAM)
and data correlation/link analysis solution for protecting Tanager’s
employees, data and customers.
Dr. Rob Gallagher
Prior to going into the private sector last year, Dr. Gallagher spent
nearly twenty years in the security and operational side of behavioral
science, both in the military and as a civilian with multiple
intelligence agencies.
Dr. Gallagher most recently was Chief of Behavioral Sciences for the
Defense Intelligence Agency (DIA / DCHC). In his varied roles he had the
opportunity to look at threats to national security from many angles. He
had the unique opportunity to apply his knowledge of human dynamics and
espionage in both offensive and defensive capacities.
Dr. Gallagher served as Counterintelligence Psychologist for the Office
of Security at NSA. He is one of the only Psychologists in the nation to
hold both a Doctoral Degree and to have been credentialed as a Special
Agent.
Dr. Gallagher previously held the position of Chief of Screening for the
DOD Counterintelligence and HUMINT Center.
Shawn Thompson
Mr. Shawn Thompson is the Vice President for Enterprise Security Risk
Management at InfoTeK Corporation. In that capacity, he manages a robust
and innovative risk management practice focusing on insider threats and
cyber security.
Mr. Thompson possesses over 15 years of experience investigating,
prosecuting, and managing insider threats. He is widely recognized for
his expertise and the scope and breadth of his experience. He is a
pioneer in the field of Enterprise Security Risk Management.
Mr. Thompson has been involved with creating and managing Insider Threat
Programs for numerous federal agencies. His work with the National
Insider Threat Task Force led to the creation of the National Insider
Threat Policy and Minimum Standards for Executive Agencies.
Mr. Thompson has served as a trusted broker advising both government and
corporations on managing insider threats.
Mr. Thompson is also an active member of the Maryland Bar providing
corporate legal services pertaining to employee investigations and
security program creation.
PAST MEETING
Date:
April 17, 2015
Time:
10PM-12PM
Location:
Ernst & Young LLP
1101 New York Avenue N.W.
Washington, DC 20005, USA
3rd Floor
Metro:
McPherson Square & Metro Center
Parking
Parking available in the building and surrounding buildings, as well as
street parking.
The building is actually on I (“eye”) Street between 11th and 12th
Topics Of Discussion
Will Include;
Insider Threat Investigations
Special Agent Jorge Rios - Defense Criminal Investigative Service
Real Life Insider Threat Incident From NITSIG Member
Conducting Insider Threat Investigations. (Jim Henderson / Mike Miller)
Gaining Buy-In From Legal Departments To Conduct Data Gathering And
Analysis In Support Of Insider Threat Programs.
Implementing An Employee Monitoring Program.
Staffing Insider Threat Programs. Training Needed, Prioritizing Skill
Sets.
The NITSIG welcomes input from attendees at the meeting. A collaborative
environment with information sharing is a first step at insider threat
risk mitigation.
Link To NITSIG Meeting Tickets On Eventbrite:
The cost
to attend is FREE. Please visit the link below to reserve your seat at
the meeting. Seating is limited, so please register early.
https://www.eventbrite.com/e/national-insider-threat-special-interest-group-meeting-4-17-15-tickets-16210976467
Speaker's Bio's:
Jim Henderson
Jim is the CEO Insider Threat Defense and the Founder / Chairman Of The
NITSIG. Jim currently teaches an Insider Threat Program Management
Training Course to U.S. Government agencies, Defense Industrial Base
contractors and businesses. Jim previously worked for the DoD Insider
Threat Counterintelligence (ITCIG) Group (DoD Contractor), and assisted
the DoD ITCIG in establishing a comprehensive and structured DoD
Enterprise Insider Threat Program (ITP) Risk Management Framework (RMF).
The ITP RMF integrated the security disciplines of Counterintelligence
(CI), Security and Information Assurance (IA). The ITP RMF defined the
baseline activities to be conducted by DoD Combatant Commands, Services
and Agencies to support their ITP's. The National Insider Threat Policy
was built off of the ITP RMF.
Mike Miller
Mike Miller serves as the
Chief Operating Officer and Vice President in charge of all Insider
Threat Programs at Tanager. In this role, Mr. Miller’s has helped
establish Tanager as a respected, award-winning Cyber and Insider Threat
mitigation service provider, both regionally and nationwide. Under his
management, Tanager consistently achieves year-over-year growth,
expanding its customer base each year. Mr. Miller has over 21 years of
combined system engineering and insider threat experience, of which 16
of those years have been with Tanager.
For the first 16 years of Mr. Miller’s career he performed system
administration and system engineering services in the commercial sector,
Intelligence Community and National Security Agency. For the past 5 ½
years Mr. Miller has played a valuable role in the insider threat
mission maturity across the Intelligence Community and Department of
Defense. Mr. Miller is responsible for all Tanager Insider Threat
Programs across the Intelligence Community, Department of Defense,
Federal agencies and commercial sector. In 2014 Mr. Miller became
Co-Chair for the National Insider Threat Special Interest Group (NITSIG).
The NITSIG was chartered to help facilitate Insider Threat Program
information collaboration between the stakeholders tasked with
implementing and supporting the insider threat mission. Mr. Miller is
the Insider Threat Program coordinator for Tanager’s Insider Threat
Program and was responsible for developing a robust program consisting
of a charter, Concept of Operations (CONOPS), User Activity Monitoring (UAM)
and data correlation/link analysis solution for protecting Tanager’s
employees, data and customers.
PAST MEETING
Date:
January 21, 2015
Time:
1PM-3PM
Location:
Experian Public Sector Offices
900 17th Street, NW
Suite 1050
Washington, DC 20006
Topic:
Developing An Insider Threat Program For Government Agencies / Defense
Industrial Base (DIB) Contractors
Link To NITSIG Meeting Tickets On Eventbrite:
The cost
to attend is FREE. Please visit the link below to reserve your seat at
the meeting. Seating is limited, so please register early.
https://www.eventbrite.com/e/national-insider-threat-special-interest-group-meeting-1-21-15-tickets-13055741073
Topics Of Discussion
Will Include;
Requirements For An Insider Threat Program (U.S. Government / DIB
Contractors)
Organizational Departments That Can Support An Insider Threat Program
Data Sources To Support An Insider Threat Program
Insider Threat Awareness And Reporting
User Activity Monitoring And Tools For The Detection Of Activity
Indicative Of Insider Threat Behavior
Speaker's Bio's:
Jim Henderson
Jim is the CEO Insider Threat Defense and the Founder / Chairman Of The
NITSIG. Jim currently teaches an Insider Threat Program Management
Training Course to U.S. Government agencies, Defense Industrial Base
contractors and businesses. Jim previously worked for the DoD Insider
Threat Counterintelligence (ITCIG) Group (DoD Contractor), and assisted
the DoD ITCIG in establishing a comprehensive and structured DoD
Enterprise Insider Threat Program (ITP) Risk Management Framework (RMF).
The ITP RMF integrated the security disciplines of Counterintelligence
(CI), Security and Information Assurance (IA). The ITP RMF defined the
baseline activities to be conducted by DoD Combatant Commands, Services
and Agencies to support their ITP's. The National Insider Threat Policy
was built off of the ITP RMF.
Mike Miller
In 2010 Mike was tasked as the lead engineer and project manager for
assisting the government with implementing an Insider Threat Program at
the Defense Intelligence Agency (DIA) and still supports that customer
today. Mike worked in all facets of the Insider Threat Program, such as
engineering and design of the user activity monitoring (UAM)
implementation, concept of operations (CONOPS) for the analysis mission
and standard operating procedures (SOPs) for the engineering support.
Mike is also involved with organizations and agencies tasked with
implementing Insider Threat Programs.