INSIDER THREAT SYMPOSIUM & EXPO
Premier Sponsor - Securonix
The National Insider Threat Special Interest Group (NITSIG)
is excited to
that it will hold a 1 day Insider Threat Symposium & Expo ™
on July 18, 2017, at the
Johns Hopkins University - Applied Physics Laboratory, in Laurel,
Maryland. There is NO CHARGE to attend. Registration information
Insider Threat Symposium & Expo Overview
Threat Symposium & Expo was created in the wake of past and
Threat Incidents" that have been very
costly and damaging to the U.S. Government and businesses.
The NITSIG has complied some "Eye Opening"
reports, surveys and incidents
that should be of concern to all CEO's
and security professionals.
The NITSIG has lined up
excellent speakers with "Hands On Experience", who are Insider Threat
Risk Mitigation Subject Matter Experts, and
work for the U.S. Government, Defense Contractors and private sector
businesses. (Speaker Info Below)
Insider Threat Symposium & Expo is a MUST ATTEND event for individuals
working for the U.S. Government, State Governments, Department of
Defense, Intelligence Community Agencies,
Providers, Defense Contractors, Airport / Aviation
Security, Banking-Finance Industry, Health Care Industry, and other large and small businesses.
Insider Threat Symposium & Expo is exclusively focused on the
many aspects of Insider Threat Risk Mitigation; The Insider Threat Program
Implementation, Management), Insider Threat Awareness, Employee
Threat Identification and Mitigation, and more.
Insider Threat Symposium & Expo will provide attendees with access
to a large network of security professionals for collaborating with on
all aspects of Insider Threat Risk Mitigation.
Symposium will also include a panel of industry recognized
Insider Threat Risk Mitigation Experts. These experts will answer questions from
the audience providing "Real World Guidance" for Insider Threat Program
Management and Insider Threat Risk
your looking for guidance for compliance with Executive Order 13587
- National Insider Threat Policy and NISPOM Conforming Change 2 -
Insider Threat, this is the event you don't want to miss.
The Insider Threat Symposium & Expo is also very well suited for
organizations that are not mandated by a compliance requirement to
implement an Insider Threat Program, but are concerned about
Employee Threat Identification and Mitigation.
The Expo will provide attendees with visibility into
proven technologies and services for Insider Threat Detection, Mitigation and
Prevention. If you want to see Employee User Activity Monitoring /
Behavioral Analytical Tool demonstrations, this is the event. More
details on vendors below.
Attend? / Target Audience
audience for the Insider Threat Symposium & Expo is for individuals that
manage or support Insider Threat Programs or are involved in Insider
Threat Risk Mitigation.
Insider Threat Program Manager
Insider Threat Program Personnel /
Program Working Group Members
Resources / Personnel Security
Physical Security / Facility Security Officers
C-Suite Management (CEO) / Senior Directors
Level Management / Business Unit Managers
Risk Officer / Risk Management
Information Officer (CIO) / Information Technology (IT) Department
Information Security Officer (CISO)
Security Program Manager
Information Systems Security Manager / Officer
Information Assurance Manager / Officer
Network Security / IT Security / Database Administrators
Security, Education Training And Awareness Professionals
Computer Security Incident Response Team
Contracting Officer (COTR)
/ General Counsel
FBI SA Dewayne Sharp - Insider Threat Center
Using The Situational Crime Prevention Model To Prevent Insider Threats
Insider Threat Programs are typically reactive as they focus on
analyzing employee behavior and encouraging the reporting of security
violations. Most cyber security tool sets only cover network perimeters
and trigger when a person commits a boundary violation. These efforts
work to reduce the size of the population under scrutiny. Organizations
rarely address reducing the environment which Insiders work within. An
Insider Threat Program is only going to be moderately effective, if the
organization does not spend resources to close gaps in the
organization’s policies, business processes and security programs, which
an Insider could exploit. During his discussion, Dewayne will present
the Situational Crime Prevention Model and suggest ways organizations
can use this model to limit the potential for Insider attacks.
Department of Justice Insider Threat Prevention and Detection Program
Insider Threat Program Management (USG Focused)
Managing the day to day operations of an Insider Threat Program /
Insider Threat Program Working Group / Hub.
Director Counterintelligence Operations and Corporate Investigations
Insider Threat Program Management (Defense Contractor Focused)
Managing the day to day operations of an Insider Threat Program.
(Developing an Insider Threat Program, Executing an Effective Insider
Threat Program Aligned with Corporate Values, Challenges, Quick Wins,
Data Sources For Insider Threat Detection, Handling An Insider Threat
Concern / Incident, Tips etc.)
Robert Gallagher - Operational Psychologist
Senior Partner / Director Of Psychological Consultation and
Guardian Defense Group
NITSIG Board Member / Scientific Director
What Should The Insider Threat Program / Working Group Be Looking For?
(What The Government Wants You To Look For. Stepping Outside Compliance
- Other Behavioral Indicators Of Concern)
Michael J. Lipinski
CISO & Chief
Using User And Entity Behavior Analytics And Big Data to
Combat / Detect Insider Threat
Securonix is radically
transforming enterprise security with actionable security intelligence.
Our purpose-built, advanced security analytics technology mines,
enriches, analyzes, scores and visualizes data into actionable
intelligence on the highest risk threats from within and outside their
environment. Using signature-less anomaly detection techniques that
track users, account and system behavior, Securonix detects the most
advanced insider threats, data security and fraud attacks automatically
and accurately. Globally, customers use Securonix to address basic and
complex needs around threat detection and monitoring, high privileged
activity monitoring, enterprise and web fraud detection, application
risk monitoring and access risk management.
Tiversa - The Cyberintelligence Experts
Cyber Criminal - Insider Threat Collusion On The Dark Web
Many organizations think they HAVE NOT suffered a data breach. The
sad reality is that many organizations don't know that they have
ACTUALLY suffered a data breach. Where is you data? More then likely the
data is on a Peer To Peer (P2P) Network or the Dark Web / Deep Web. How
did it get there-Your Employees? What data is exposed?
will focus on understanding the types of data Tiversa is finding on P2P
Networks and the Dark Web / Deep Web. Tiversa is well known for finding
the following data on P2P Networks; Classified Government Documents (F35
Joint Strike Fighter, WikiLeaks Documents, Blueprints Of Marine One
Helicopter, Details On Presidential Motorcade), SF86 Questionnaires and
so much more.
Shawn Thompson - Insider Threat Lawyer (Corporate Legal Services)
NITSIG Board Member / Legal Advisor
Insider Threat Law
A Lawyer's Guide To Insider Threat Program Management / Legal
Counterintelligence Program Lead
Creating The Big Picture Of A Potential Insider Threat From Multiple
This presentation will
focus on the many elements that are needed for an effective Insider
Threat Program. (Insider Threat Program Working Group: Stakeholder
Communication and Sharing of Potential Employee Threat Information,
Thinking Outside The Box Of Compliance Regulations and more). Mr.
Kanefsky has extensive experience in the many different aspects of
Insider Threats. Prior to beginning with Northrop Grumman, he served 25
years as a Special Agent of the FBI, and was assigned to the New Orleans
Division, Baton Rouge Resident Agency, where he led public corruption,
healthcare fraud, and bank fraud investigations. Mr. Kanefsky has been
involved in investigative case work where he addressed several sensitive
counterintelligence matters and National Security matters.
Jim Henderson - Insider Threat Risk Assessment Specialist
CEO Insider Threat Defense, Inc.
Insider Threats Made Easy - James Bond 2017
This presentation / demonstration will focus on understanding simple
techniques that "Malicious Insiders" can use to exflitrate data and
other valuable information from within an organization. These
techniques have successfully been used to exflitrate sensitive business
information during Insider Threat Risk Assessments. Understanding the
"Malicious Insiders Playbook" of options is critical.
Occupational Safety & Health Administration (OSHA)
Employer Responsibilities / Workers Rights
The Expo will provide attendees with visibility into
proven technologies and services (Currently Used By The U.S. Government
/ Private Sector) for Insider Threat Detection, Mitigation and
Prevention. If you want to see Employee User Activity Monitoring /
Behavioral Analytical Tool demonstrations, this is the event.
Some of the many great comments that were provided to the NITSIG about
the 2015 ITS&E, were the outstanding speakers and the large selection of
vendors that were on display. The NITSIG anticipates a large number of
vendors for this event.
- Premier Sponsor Of The NITSIG Insider Threat Symposium & Expo
Securoinx is radically transforming enterprise security with actionable
security intelligence. Our purpose-built, advanced security analytics
technology mines, enriches, analyzes, scores and visualizes data into
actionable intelligence on the highest risk threats from within and
outside their environment. Using signature-less anomaly detection
techniques that track users, account and system behavior, Securonix
detects the most advanced insider threats, data security and fraud
attacks automatically and accurately. Globally, customers use Securonix
to address basic and complex needs around threat detection and
monitoring, high privileged activity monitoring, enterprise and web
fraud detection, application risk monitoring and access risk management.
honored with an unprecedented
20 awards at the 2017 Info Security Products Guide Global Excellence
Awards, held in conjunction with the RSA Conference.
Tanager is a Women
Owned Small Business with core capabilities in Cyber Security and
Insider Threat. Since 2009, Tanager’s multidisciplinary team of Insider
Threat experts have implemented numerous Insider Threat Programs for
government agencies and commercial organizations. From data analysis and
investigations to deploying, monitoring and supporting state-of-the-art
applications that identifies and responds to the internal threats, we
are truly the leader for providing Insider Threat services to the
federal government. NCIX Insider Threat Program of the Year award; 2 DIA
Quantum Secure SAFE for
Government solution provides a policy-based approach to managing and
enrolling PIV cardholders into diverse PACS including the following
Enrollment of the newly
issued PIV credentials in diverse PACS, including biometric /
biographical data capture from the PIV card.
PACS systems and logical authoritative identity systems, such as LDAP/IdM/HR
systems or other third-party PIV database applications.
Establishing a single
reference point of all cardholders (PIV and non-PIV) across agencies and
across diverse PACS and Logical Access Systems (LACS)
Single and centralized
rules-based process for access privilege provisioning and ongoing access
management within and across agencies.
PIV card lifecycle
management in PACS (PIV card activation, status inquiry, lost or stolen
cards, provisioning and revocation, card expiration policies, etc.)
enrollment and management for PIV and non-PIV cardholders
Complete auditing and
reporting, from the transaction level to the executive dashboard
Veriato is an innovator in actionable User Behavior Analytics and a
global leader in User Activity Monitoring. More than 36,000 companies,
schools, and government entities worldwide utilize Veriato to gain
insight into the user activity on their network and enjoy the security
and productivity increases that come with it. Veriato’s product line
includes the world’s leading employee investigation tool (Veriato
Investigator), award-winning User Behavior Analytics (Veriato Recon) and
enterprise-grade User Activity Monitoring (Veriato 360).
Delta Risk was founded in 2007 from a vision of strategic and
operational effectiveness to assist private sector and government
organizations in understanding their current cyber security posture and
building advanced cyber defense and risk management capabilities. We are
a global provider of strategic, operational, and advisory solutions,
including managed security services and security consulting services.
Delta Risk is a Chertoff Group company.
SECURITY FIRST & ASSOCIATES
At Security First &
Associates (SFA), we take great pride in our thorough and extensive
knowledge of government and industry-specific security & IT regulations.
We will assess your program and offer solutions that are in compliance
with the National Security Industry Program (NISP) and the CI community.
A full suite of corporate security services designed to not only meet
your needs, but to exceed your expectations. With more than 20 years'
experience in all aspects of security administration plus a talented
nationwide pool of professionals, SFA is truly your trusted partner in
Security & Information Technology.
provides the tools to validate and efficiently manage requirements
compliance of your industrial security program. SIMS (Security
Information Management System) will improve your security posture and
afford protection from both internal and external threats.
Since 1983, SIMS Software has been a pioneer in automating industrial
security information management and today remains recognized as the
industry leader in the field, providing the U.S. Government and defense
contractors with innovative solutions and systems. SIMS assures
compliance with the National Industrial Security Program. Our dedicated
team of seasoned experts will assist with creating and maintaining your
superior security program. The newest SIMS release supports NISPOM C2
with an enhanced Insider Threat Program capability to Deter, Detect and
LOCATION / REGISTRATION
University - Applied Physics Laboratory (JHU-APL)
11100 Johns Hopkins Road
Laurel, MD 20723-6099
JHU-APL Visitor Guide
(See Page 8 For Hotels)
FREE (Open To Non-NITSIG Members)
For more information on becoming a NITSIG Member (No Cost), please see
the link below:
Limited # Of Tickets (500)
Food / Beverages
Complimentary coffee will be provided (Morning, Afternoon)
Lunch is available in the JHU-APL cafeteria, or surrounding food
must be a U.S. Citizen to attend this event. A valid Drivers License or
U.S. Government issued ID is required at the door.
News Media Representatives
MUST BE APPROVED
by the NITSIG to attend this event.
Continuing Professional Education Credits
will be eligible to earn 8 Continuing Professional Education (CPE)
Credits to go toward your security certification CPE requirements.
Please send any questions about this event via
Or call; 561-809-6800