NATIONAL INSIDER THREAT SPECIAL INTEREST GROUP - NITSIG

 

HOME   ADVISORY BOARD   MEMBERSHIP  CHAPTERS   MEETINGS   PUBLIC SPEAKING

INSIDER THREAT INCIDENTS E-MAGAZINE

INSIDER THREAT SURVEYS, REPORTS, INCIDENTS

INSIDER THREAT MITIGATION RESOURCES

INSIDER THREAT SYMPOSIUM & EXPO

INSIDER THREAT MITIGATION VENDORS 

SPONSORS   PRESS RELEASES   CONTACT US

 

 

National Insider Threat Special Interest Group Meetings

The NITSIG would like to invite its members, security professionals and other interested individuals to our meetings. Non-NITSIG Members may attend.  Their is NO CHARGE to attend meetings.

 

Interested In Joining The NITSIG

NITSIG Membership Application

 


 

NITSIG Virginia Chapter Meetings (TBD)

 


 

NITSIG Maryland Chapter Meetings

 

Next Meeting
February 11, 2020
9am - 1pm
Johns Hopkins University Applied Physics Laboratory, Laurel, Maryland

Topic Of Discussion
Insider Threat Detection On Computer Systems & Networks

The NITSIG will hold a meeting to discuss the findings of a workshop that was held in 2019. The workshop was done in partnership with the University of Maryland’s Applied Research Laboratory for Intelligence and Security (ARLIS). The goals of the workshop were to answer key questions related to Insider Threat Detection (ITD) on computer systems and networks, and the use and procurement of vendor supplied software tools designed to support Insider Threat detection and mitigation efforts. Insider Threat Program Managers and Analysts from the Insider Threat Community (U.S. Government / Private Sector) attended the workshop and contributed their experiences and expertise.

The results of the workshop will be presented by Jim Henderson (Founder / Chairman NITSIG). A discussion panel will follow the presentation. Individuals directly involved in ITD for computer systems and networks, using ITDT's will answer questions.

Who Should Attend This Meeting?
ITP Managers / Senior Officials
Insider Threat Analysts
Facility Security Officers
ITP Working Group / Hub Stakeholders (Security, CSO, Human Resources, IT Security, Legal / General Counsel, Counterintelligence Investigators, Etc.)
CIO's / IT Security / CISO's Considering Purchasing An ITDT
Anyone Interested In Gaining In-Depth Knowledge Related To ITD On Computer Systems / Networks

Meeting Registration (No Charge)

 

Presentation
 


 

Date:
February 12, 2019

Time:
9AM-1PM

Location:
Johns Hopkins University Applied Physics Laboratory (JHU-APL)
11100 Johns Hopkins Road
Laurel, MD 20723-6099
Parsons Auditorium / Building 1
Room S124

 

 

Parking:
Parking is available on the JHU-APL Campus. Parsons Auditorium is located in Lobby 1. Enter the campus from Johns Hopkins Road onto APL Drive. You may park in the lot on your left labeled for visitors, adjacent to Lobby 1. You will enter the building at Lobby 1. JHU-APL Campus Map

 

 

Who Should Attend?
Anyone managing or supporting an Insider Threat Program, or concerned with proactive "Employee Threat Identification".

 

 

Registration Link
 

Note
You must be a U.S. Citizen to attend this event. A valid Drivers License or U.S. Government issued ID is required at the door.
 

 

 

Topic Of Discussion
Insider Threat Detection And Mitigation Using External Data Sources

Gathering and analyzing Internal data sources is very important for Insider Threat Detection. Equally important is knowing what External data sources are also available to create the "Big Picture" of potential / actual Insider Threats. (External Data Sources Overview)

 

Most companies currently perform background screening on employees ONCE at the Pre-Hire stage. This screening is a Point In Time Snapshot.

To be more proactive in detecting and mitigating Insider Threats, many companies are using Post-Hire solutions, that allow the employer to Continuously monitor an employee for Indicators of Concern.

 

With these solutions companies can now proactively identify employee risk and pre-emptively address a problem before it escalates.

This meeting will focus on the many External data sources that are available from various companies, for organizations and businesses that want to be provided with a 360 degree view into Employee Indicators of Concern, and are concerned with proactive Employee Threat Identification.
 

This meeting will also provide insight into the possibility that your company's data may be "For Sale" on the Dark Web, and how to locate it.

 

 

Presentation By Transunion (Info)

Topic: Gaining Employee Vulnerability Insights To Help Guide Resource Allocation
 

Speaker: Jeff Huth,  VP Product Management, TransUnion Public Sector

 

Overview

TransUnion monitors over 1 billion people and 5 billion devices in advanced data centers across the globe, which customers can access and leverage to gain valuable insights into organizational and personal vulnerabilities that puts you at risk.

Most organizations have limited resources for implementing an Insider Threat Program, so conducting an anonymized financial risk analysis of your population will help you better understand where to focus resource expenditures.

Additionally, recent acquisitions increase TransUnion’s ability to determine if devices (cell phones, laptops, etc.) used for fraudulent activity are trying to access your networks.

Combined, these capabilities greatly increase insights into vulnerabilities that help guide you in making decisions on how to spend your limited budgets in the most efficient manner when it comes to maturing your Insider Threat Programs.

 

Presentation
 


 

Presentation  By ClearForce (Info)

Topic: Early Identification Of Insider Risk

 

Speaker: Tom Miller – CEO, ClearForce

 

Overview
ClearForce streams relevant content in real time to a market where calendar-based batch decision making has been the norm.

We built ClearForce on a foundation of employee consent and transparency. We put employee privacy at the forefront of enhancing security.

We are not trying to solve this as a big data problem. We are not scraping and searching for negative employee data, instead our solution delivers real time event-based behavioral alerts of employee misconduct and high-risk behavior occurring outside the workplace that typically aligns to the pre-hire background checks, including criminal arrests and leading indicators of financial stress.

We make all this possible by solving the regulatory hurdle of making external data actionable with our patent pending, legally compliant workflow, directly addressing FCRA and other EEOC requirements.

 

Presentation
 


 

Presentation By Thomson Reuters (Info)

Topic: Overview Of Online CLEAR Investigation Solutions

 

Speaker: Mark Sullivan, CLEAR Investigative & Risk Solutions Regional Manager, CLEAR Product Specialist
 

 

Overview

Connections, Currency, Content, and Comprehension are all important components of an effective ‘online’ investigation. CLEAR from Thomson Reuters delivers all four of these pillars in solution with strong preference in local, state, and federal law enforcement as well as with corporate security professionals nationwide.

Uncovering red flags through hidden, and unhidden, connections may be the difference between a successful and unsuccessful investigation. Ensuring consistent access to current information versus data that may be weeks, months, or even years old increases the ability to create actionable insights in an investigation. In many normal contexts duplication may seem to be a bad thing but during an investigation or scenario where monitoring is required duplication and transparency across data sources minimizes the chances of an ‘unturned stone.’ Finally, without the ability to quickly comprehend, remediate false positives, and make meaningful decisions off of information returned, the advantages of sound monitoring/investigative procedures quickly diminish.

During this overview we will touch briefly on the history of CLEAR and how it can be an important part of solving some of these key challenges.
 



Presentation By Kroll
(Info)

Topic: Is Your Company Data For Sale On The Dark Web?

 

Speaker: Keith Wojcieszek, Former U.S. Secret Service Cyber Intelligence Section Supervisory Special Agent, Criminal Investigation Division
 

 

Overview
Why Is Dark Web Monitoring Important?
What Useful Threat Intelligence Can You Find On The Dark Web?

Unscrupulous workers who sell their employers’ secrets are nothing new. But a rise in websites dedicated to white collar crime is making the practice easier than ever, and leading more Insiders to peddle confidential information.


In one recent case, a multinational software company prevented the sale of highly sensitive source code of yet-to-be-released enterprise software. The threat actor turned out to be an Insider who was working for the company. He stole the code and was attempting to sell it on the underground for $50,000.

How The Dark Web Presents New Insider Threats

 

Defend Your Data As Insiders Monetize Their Access

Insider Trading On The Dark Web On The Rise

Insider Threats Escalate And Thrive On The Dark Web

 

Firms Urged To Scour Dark Web For Breached Data

 

RedOwl Report - Monetizing The Insider Through The Dark Web

 

 


 

Date:
March 2, 2018

Time:
9AM-12PM

Location:
Johns Hopkins University Applied Physics Laboratory (JHU-APL)
11100 Johns Hopkins Road
Laurel, MD 20723-6099
Parsons Auditorium / Building 1
Room S124

 

 

Parking:
Parking is available on the JHU-APL Campus. Parsons Auditorium is located in Lobby 1. Enter the campus from Johns Hopkins Road onto APL Drive. You may park in the lot on your left labeled for visitors, adjacent to Lobby 1. You will enter the building at Lobby 1. JHU-APL Campus Map

 

 

Topic Of Discussion
Protecting Controlled Unclassified Information (CUI)

Background On Protecting CUI
On November 4, 2010, the President signed Executive Order 13556, Controlled Unclassified Information. The Executive Order established a government wide CUI Program to standardize the way the executive branch handles unclassified information that requires protection. It designated the National Archives and Records Administration (NARA) as the Executive Agent to implement the program. The Archivist of the United States delegated these responsibilities to the Information Security Oversight Office.

The requirements for the protection of CUI provide a set of “minimum” security controls for contractor information systems upon which CUI is processed, stored on, or transmitted through. These security controls must be implemented at both the contractor and subcontractor levels based on the information security guidance in NIST Special Publication (SP) 800-171: Protecting Controlled Unclassified Information In Non-Federal Information Systems And Organizations.

The CUI protection requirements are intended for use by federal agencies in contractual vehicles or other agreements established between those agencies and nonfederal organizations. Failure to implement the security controls to protect CUI, would be a breach of contract.

For an Insider Threat Program to be robust and effective, it must be built upon an established security foundation within an organization. The NIST SP 800-171 covers many security controls that can support Insider Threat Risk Mitigation.

This meeting is also very well suited for any organization or business that is not required to protect CUI, but is looking to enhance their Information Systems Security Program / Insider Threat Program.
 


Presentation # 1
Presentation - Topic Of Discussion
Protecting Controlled Unclassified Information (CUI)

This presentation will provide the attendees with an overview of the CUI Program, its origins, and review the safeguarding elements found in the CUI implementing directive 32 CFR Part 2002.

Speaker
Mark Riddle
Information Security Oversight Office
Senior Program Analyst
Lead for Controlled Unclassified Information Program Oversight



Presentation # 2
Presentation - Topic Of Discussion
Going Beyond Compliance Requirements For Protecting Controlled Unclassified Information

This presentation will focus on understanding simple techniques that "Malicious Insiders" can use to exfiltrate data and other valuable information from within an organization. These techniques have successfully been used to exfiltrate sensitive business information during Insider Threat Risk Assessments. Understanding the "Malicious Insiders Playbook" of options is critical.


Speakers
Jim Henderson: Insider Threat Risk Mitigation Expert
NITSIG Founder / Chairman
CEO Insider Threat Defense, Inc.
(Bio)

Warren Holt
NITSIG Board Member / Technical Director
Technical Director, Data Loss Prevention (DLP) For Aveshka, Inc.

(Bio)
 

 

Link To NITSIG Meeting Tickets On Eventbrite:
The cost to attend is FREE. Please visit the link below to reserve your seat at the meeting. Seating is limited, so please register early.

https://www.eventbrite.com/e/national-insider-threat-special-interest-group-meeting-3-2-18-tickets-42912092223

 

 


 

Date:
February 9, 2017

Time:
10AM-1PM

Location:
Johns Hopkins University Applied Physics Laboratory (JHU-APL)
11100 Johns Hopkins Road
Laurel, MD 20723-6099
Parsons Auditorium / Building 1
Room S124

 

 

Parking:
Parking is available on the JHU-APL Campus. Parsons Auditorium is located in Lobby 1. Enter the campus from Johns Hopkins Road onto APL Drive. You may park in the lot on your left labeled for visitors, adjacent to Lobby 1. You will enter the building at Lobby 1. . JHU-APL Campus Map

 

 

Topic:

Workplace Violence (10AM-11AM)

Presented By: Occupational Safety and Health Administration (OSHA)

Presentation Topics:

  • Workplace Violence Overview (Threats, Verbal Abuse, Physical Assaults, Homicide)

  • How To Recognize Workplace Violence Indicators

  • Employer Responsibilities By Law To Provide A Safe Workplace

  • Employee Rights

  • Implementing A Workplace Violence Prevention Program

  • Reporting An Unsafe Workplace To OSHA

 

 

Topic:

Civilian Response To Active Shooter Events (11AM-1PM)

Presented By: Maryland State Police

Presentation Topic:

  • The Civilian Response to Active Shooter Events (CRASE) presentation is designed and built on the Avoid, Deny, Defend strategy developed by the Advanced Law Enforcement Rapid Response Training (ALERRT). The presentation provides strategies, guidance and a proven plan for surviving an active shooter event.

 

 

Link To NITSIG Meeting Tickets On Eventbrite:
The cost to attend is FREE. Please visit the link below to reserve your seat at the meeting. Seating is limited, so please register early.

https://www.eventbrite.com/e/national-insider-threat-special-interest-group-meeting-2-9-17-tickets-31099485398

 


 

Date:
September 7, 2016

Time:
10AM-1PM

Location:
Johns Hopkins University Applied Physics Laboratory (JHU-APL)
11100 Johns Hopkins Road
Laurel, MD 20723-6099
Parsons Auditorium / Building 1
Room S124

 

 

Parking:
Parking is available on the JHU-APL Campus. Parsons Auditorium is located in Lobby 1. Enter the campus from Johns Hopkins Road onto APL Drive. You may park in the lot on your left labeled for visitors, adjacent to Lobby 1. You will enter the building at Lobby 1. When you leave for the day, please stop by the receptionist desk to receive the parking code for the visitors parking lot. JHU-APL Campus Map


Topic:

Insider Threat Program Development For NISPOM Conforming Change 2

  • The meeting will be exclusively focused on Insider Threat Program Development per the requirements of NISPOM Conforming Change 2 - Insider Threat.

  • Industry recognized Insider Threat Risk Mitigation Subject Matter Experts will provide attendees with "Real World" guidance for Insider Threat Program development, implementation and management.

  • Items Of Discussion To Include;

  • Legal Considerations For Insider Threat Programs (Licensed Attorney On Panel)

  • Insider Threat Program Working Group / Hub

  • Insider Threat Program Implementation Plan
     

NISPOM Conforming Change 2- Insider Threat Program Requirements
NISPOM 1-202 requires Defense Industrial Base (DIB) Contractors to establish and maintain an Insider Threat Program that will gather, integrate, and report relevant and available information indicative of a potential or actual insider threat. Contractors must have a written Insider Threat Program Implementation Plan in place to begin implementing insider threat requirements of NISPOM Change 2 no later than November 30, 2016
http://www.dss.mil/it/index.html


Link To NITSIG Meeting Tickets On Eventbrite:
The cost to attend is FREE. Please visit the link below to reserve your seat at the meeting. Seating is limited, so please register early.
https://www.eventbrite.com/e/national-insider-threat-special-interest-group-meeting-9-7-16-tickets-27013744838

 

Bio’s Of Supporting Speakers / Panel Members:
Jim Henderson – Founder / Chairman Of NITSIG
CEO Insider Threat Defense, Inc.
Insider Threat Program Development Training Course Instructor / Insider Threat Risk Mitigation Analyst

  • Mr. Henderson has trained a provided Insider Threat Program Development Training / Services to 350+ organizations; U.S. Government Agencies, Defense Industrial Base (DIB) contractors, NCMS Members / Chapters, Defense Security Service, Critical Infrastructure Providers, Aviation / Airline Security Professionals, Banking / Financial Institutions, large and small businesses. (National Insider Threat Policy & NISPOM Conforming Change 2)

  • Mr. Henderson previously worked for the DoD Insider Threat Counterintelligence (ITCIG) Group (DoD Contractor), and assisted the DoD ITCIG in establishing a comprehensive and structured DoD Enterprise Insider Threat Program (ITP) Risk Management Framework (RMF). The ITP RMF integrated the security disciplines of Counterintelligence (CI), Security and Information Assurance (IA). The ITP RMF defined the baseline activities to be conducted by DoD Combatant Commands, Services and Agencies to support their ITP's. The National Insider Threat Policy was built off of the ITP RMF.

 

 

Mike Miller – NITSIG Co-Chair
Chief Operating Officer; Vice President, Insider Threat Program Coordinator
Tanager, Inc.

  • In 2014 Mr. Miller was selected as the Co-Chair for the National Insider Threat Special Interest Group (NITSIG). The NITSIG was chartered to help facilitate Insider Threat Program information collaboration between the various stakeholders tasked with implementing and supporting the insider threat mission.

  • Mike Miller serves as the Chief Operating Officer and Vice President in charge of all Insider Threat Programs at Tanager. Mr. Miller is responsible for all Tanager Insider Threat Programs across the Intelligence Community, Department of  Defense, Federal agencies and commercial sector. Mr. Miller has played a valuable role in the insider threat mission maturity across the Intelligence Community and Department of Defense.

  • Mr. Miller is the Insider Threat Program coordinator for Tanager’s Insider Threat Program and was responsible for developing a robust program consisting of a charter, Concept of Operations (CONOPS), User Activity Monitoring (UAM) and data correlation / link analysis solution for protecting Tanager’s employees, data and customers.

 
Shawn Thompson, Esq. - NITSIG Board Member / Legal Advisor

Insider Threat Management Group, LLC
Insider Threat Risk Mitigation Specialist / Lawyer (Corporate Legal Services)

  • Mr. Thompson of ITMG is a Licensed Attorney, former Federal Prosecutor, Special Agent, and Insider Threat Program Manager. Mr. Thompson's in-depth experience and understanding of the intricacies of developing, implementing and managing an Insider Threat Program are unmatched. (Privacy Concerns,, User Activity Monitoring, Investigations, Etc.) Mr. Thompson is a member of the Maryland Bar Association.
    Mr. Thompson has;

  • Successfully prosecuted numerous economic espionage cases.

  • Successfully investigated several high profile insider threat cases.
    Provided expert assessments and briefings on insider threats to the highest levels of government.

  • Been a pioneer in the field of insider risk management.

  • Deep knowledge of how to properly assess insider risks and create and manage insider threat programs.

  • Been an experienced trusted broker having advised both government and corporations on how to effectively prevent, detect, and mitigate insider threats.

  • Mr. Thompson has served in numerous high profile positions:

  • Chairman, Insider Threat Mission Group, Office of the Director of National Intelligence

  • Insider Threat Program Manager, United States Department of Defense

  • Special Assistant United States Attorney, United States Attorney's Office

  • Senior Litigation Attorney, United States Department of Defense

  • Assistant General Counsel, FBI

  • Special Assistant United States Attorney, United States Attorney's Office

  • Mr. Thompson has  been involved with creating and managing Insider Threat Programs for numerous federal agencies. His work with the National Insider Threat Task Force led to the creation of the National Insider Threat Policy and Minimum Standards for Executive Agencies.
     


Dr. Robert Gallagher - NITSIG Board Member / Scientific Director
Operational Psychologist
Senior Partner And Director Of Psychological Consultation And Training
Guardian Defense Group

  • Dr. Gallagher has extensive experience exploring the human side of espionage and insider threat. As a licensed psychologist, former military intelligence officer and counterintelligence special agent, he has had the opportunity to study and apply his knowledge of human dynamics in an array of settings. He has supported both offensive and defensive intelligence / counterintelligence, SOF and cyber operations. Additionally, he has personally participated in hundreds of strategic and tactical military and intelligence operations on six continents.

  • Prior to joining the private sector Dr. Gallagher served as:
    Chief of Behavioral Sciences at the Defense Counterintelligence and HUMINT Center

  • Founder of the prestigious National Security Psychology Symposium

  • Chief of Enterprise Screening at the Defense Intelligence Agency

  • Counterintelligence Psychologist with the Office of Security at the National Security Agency

  • Special Duty Screener, with the USAF and Air Intelligence Agency

  • Currently, Dr. Gallagher is a Senior Partner and Director of Psychological Consultation and Training with Guardian Defense Group (GDG). GDG is a Service Disabled Veteran Owned Small Business consisting of a unique blend of operational psychologists and former Special Operations operators supporting the counterintelligence, security and behavioral science needs of public and private sector clients.
     

Trevor A Odell
Director, IT Security & Assurance
BAE Systems, Inc.

  • Mr. Trevor Odell joined BAE Systems, Inc. in 2007 as the Manager of IT Security for the Land and Armaments sector, working inside the Industrial Security program. In December 2010 he joined headquarters staff as the Director, IT Security and Assurance working for Thomas Langer, VP of Security – BAE Systems, Inc.

  • Mr. Odell in his current role, he is focused on Enterprise Risk Management as evidenced in FOCI Mitigation, ECP compliance, Security Governance and Counterintelligence / Cyber Risk Management, Insider Threat Management and the protection of Customer, Company and National Security Information. As part of his Counterintelligence work, he spends one day each week in Quantico as BAE Systems representative to the Counterintelligence Partnership with Industry Program run by DSS. Although his work is primarily governance and strategic in nature, he works with all lines of business on a weekly basis ensuring the appropriate levels of protection are applied to business initiatives to minimize risk to the information entrusted to us and maximize the ability of the business to operate successfully.

  • Mr. Odell came to BAE Systems after spending 10 years at Pitney Bowes, Inc. in various security management roles both tactical and strategic. Pitney Bowes, Inc. is the leading global provider of postal meters, mail enabling technologies and mail integration solutions with 30,000 employees worldwide.

  • Prior to Pitney, Mr. Odell spent 5 years working at global specialty chemical company - Witco, as a network security engineer / architect with identity and access control responsibilities serving operations in 7 countries and before that as the systems / network engineer and software developer for the leading provider of IPO Management Services for Wall Street, CommScan. In his work at CommScan, he interacted daily with senior executives and business partners at all of the investment banks in the U.S. and the majority of the major international investment banks.'

  • Mr. Odell has spoken at security conferences on subjects ranging from “Strategies for the protection of Personally Identifiable Information (PII), including social security numbers, credit card data, financial information and personal health information (PHI)”, “Cloud Security” and most recently “Using Open Source Intelligence for Reconnaissance”. In the past he hosted several webinars focused on educating attendees on the effective implementation of data loss prevention solutions.

  • Mr. Odell holds a Bachelor of Fine Arts degree from Ithaca College, in Ithaca NY.

 


 

Date:
April  26, 2016

Time:
10AM-1PM

Location:
Johns Hopkins University Applied Physics Laboratory (JHU-APL)
11100 Johns Hopkins Road
Laurel, MD 20723-6099
Parsons Auditorium / Building 1
Room S124

 

Parking
Parking is available on the JHU-APL Campus. Parsons Auditorium is located in Lobby 1. Enter the campus from Johns Hopkins Road onto APL Drive. You may park in the lot on your left labeled for visitors, adjacent to Lobby 1. You will enter the building at Lobby 1. When you leave for the day, please stop by the receptionist desk to receive the parking code for the visitors parking lot.
JHU-APL Campus Map
 

NISTIG Meeting Announcement / Agenda 4-26-16

 

Link To Sign Up For Free Ticket
 

 

Presentations / Topics Of Discussion

Active Shooter & Hostile Incident Response
Presentation By: TFC Travis Nelson, MD State Police Law Enforcement Liaison, MD Emergency Management Agency
This presentation will review the interdisciplinary response of Fire, EMS, Police and Emergency Management to an active assailant or potentially volatile incident. It will review security and safety concerns on scene and how to quickly access patients while the incident is evolving. The course will examine methods on how to integrate all partners necessary to plan and manage the incident. Class attendees and instructors will have an informal discussion on available equipment, implementing state guidance locally and how to begin planning.


Insider Threat Incidents / Case Studies & Indicators
Presentation By: FBI Special Agent (SA) Sharp, FBI Insider Threat Center
FBI Special Agent (SA) Sharp will present case studies on recent insider threat investigations with an emphasis on indicators displayed by the subject and the victim organization’s responses. SA Sharp will present on physical as well as cyber insider threats.


Employee Continuous Evaluation & Screening Service
Presentation By; Peter Collins
IDentrix Employee Continuous Evaluation & Screening Service

  • IDentrix is a division InfoZen. InfoZen is the company that provides the Secure Flight Program to the U.S. Government, screening 2 million names a day.
    IDentrix is a very affordable web based "Employee Continuous Evaluation Screening Service".

  • IDentrix monitors approx. 1000 sources of information for information that may be of concern to companies about their employees. Risk Alerts pertaining to 65 plus different attributes including criminal, civil, sanctions, professional licenses, etc. Most importantly it actively monitors each individual daily for various types of activities that may have a negative impact on their ability to fulfill their roles in compliance with established regulations. As you probably realize, traditional background checks which are completed at timed intervals may not reflect any activities over the last few years. A company will receive an alert from within 10 minutes to 24 hours after a new potential negative data source has been discovered about an individual. Screening services are available daily, weekly or monthly.

  • During a 3 month period that the End User / Client used the IDentrix Continuous Monitoring Service, IDentrix identified over 800 identity changes, of which twenty four (24) actionable alerts were deemed to disqualify the noted persons from continued participation in their current regulated duties. Thus protecting the client from potential risk due to unacceptable activities.

IDentrix Website

IDentrix Overview Video - YouTube

IDentrix Demo
IDentrix offers a free live 30 minute demo, during which time you’ll be able to see the unique features and data coverage offered as part of the solution.
Sign Up For Demo
 

 

Bio’s Of Guest Speakers

TFC Travis Nelson, MD State Police Law Enforcement Liaison, MD Emergency Management Agency

  • Trooper First Class Travis Nelson is currently assigned to the Special Operations Division of the Maryland State Police. He is detailed as a law enforcement liaison to the Maryland Emergency Management Agency (MEMA.)

  • Travis serves as the co-chair for the Maryland Active Assailant Interdisciplinary Workgroup and works with the Maryland Institute for Emergency Medical System Services (MIEMSS) to lead a statewide effort to provide guidance for all responders to hostile events.

  • He is the chair of the recently established Maryland Search and Rescue Coordination Workgroup, technical lead of the Maryland Prevention and Protection Workgroup and serves on the Region III Advisory Council for the Federal Emergency Management Agency (FEMA.)

  • Prior to, he was assigned to MEMA as a regional liaison officer, MSP Special Events Unit, MSP Human Resources Division and MSP Centreville Barrack.

  • Travis is the current Director of Career Services at the Kent & Queen Anne’s Rescue Squad in Chestertown, MD and certified as a medic, rescue diver and firefighter. He previously worked for Kent County 9-1-1, Queen Anne’s County 9-1-1 and Queen Anne’s County EMS.

 

FBI Special Agent (SA) Sharp, FBI Insider Threat Center

  • Special Agent Dewayne Sharp joined the FBI in January 2001 and was assigned to the Chicago Field Office initially to work counterintelligence investigations of intelligence officers from various threat countries. He was subsequently assigned to economic espionage and technology transfer investigations related to the three Department of Energy laboratories in the Chicago area.

  • In January 2009, SA Sharp was promoted to Supervisory Special Agent at FBI headquarters in the Counterintelligence Division managing threat country investigations and operations against foreign intelligence targets. In June 2011, SSA Sharp transferred to the Counterespionage Section where he investigated and managed the investigations of FBI personnel suspected of spying for foreign countries.

  • In June 2014, SSA Sharp became the second member of the FBI’s Insider Threat Center and currently leads a risk management unit. His unit evaluates insider threat risks as they relate to FBI personnel, critical assets and security programs and presents risk mitigation options to Executive Management for decision.

  • Prior to the FBI, SSA Sharp served eight years as a US Army officer in multiple assignments around the world. He is a graduate of the United States Military Academy at West Point and has a Bachelor’s degree in Military History with a minor in Computer Science.

 

The NITSIG welcomes input from attendees at the meeting. A collaborative environment with information sharing is a first step at insider threat risk mitigation.
 


 

PAST MEETING

Date:
February 18, 2016

Time:
10AM-1PM

Location:
Johns Hopkins University Applied Physics Laboratory (JHU-APL)
11100 Johns Hopkins Road
Laurel, MD 20723-6099
Parsons Auditorium / Building 1
Room S124

 

Parking
Parking is available on the JHU-APL Campus. Parsons Auditorium is located in Lobby 1. Enter the campus from Johns Hopkins Road onto APL Drive. You may park in the lot on your left labeled for visitors, adjacent to Lobby 1. You will enter the building at Lobby 1. When you leave for the day, please stop by the receptionist desk to receive the parking code for the visitors parking lot.
JHU-APL Campus Map
 

NISTIG Meeting Announcement 2-18-16

 

Link To Sign Up For Free Ticket
https://www.eventbrite.com/e/national-insider-threat-special-interest-group-meeting-2-18-16-tickets-21415345876

 

 

Presentations / Topics Of Discussion

Insider Threats From A Human Resources Perspective
Presentation By: Mrs. Jordan C. Meadows, Security Program Analyst, Rolls-Royce North America

  • How Human Resources addresses discovered issues on an applicant’s background screening.

  • Security’s requirement to verify citizenship for all non-direct hire personnel.

  • Employee Risk – A review of disgruntled employees who are disgruntled with the company’s direction, organizational changes and / or their own personal growth within the company.

  • Risk Related Issues – Risk associated to employee performance development reviews, employee terminations/withdrawals and employees who leave and come back to the company.

  • Reports of employee suspicious activity / behavior.

  • Discussion of two actual insider threat cases that resulted in prosecution.

 

Insider Threats From A Legal Perspective
Presentation By: Mark Zaid, Attorney At Law

 

Securonix Big Data Analytics
Presentation By: John Menkart
The Securonix Platform is a purpose-built advanced security analytics technology that mines, enriches, analyzes, scores and visualizes customer data into actionable intelligence on the highest risk threats from within and outside their environment. Using signature-less anomaly detection techniques that track users, account, and system behavior Securonix is able to automatically and accurately detect the most advanced data security, insider threats and fraud attacks.
Securonix Insider Threat Management

 

 

Bio’s Of Guest Speakers
Mr. Mark Zaid
For over two decades, Mark S. Zaid, Esq. has fought to guarantee the rights of former, current, and prospective civilian federal employees, defense contractors, members of our active duty and reserve military, and journalists, particularly when they are threatened by the overshadowing spectre of national security. His representation has ranged from high-profile Members of Congress to covert CIA operations officers whose names will never be revealed, from politically controversial cases to stealth efforts to obtain historic records. Using a variety of tools—including the Executive, Judicial and Legislative branches, as well as the media—Mr. Zaid and his law firm have helped clients navigate the shadow world of national security, First Amendment, federal employment, and administrative law.
http://www.markzaid.com

 

Mrs. Jordan C. Meadows
Mrs. Jordan Meadows currently serves as the Rolls-Royce North America Security Program Analyst. Mrs. Meadows joined Rolls-Royce in 2011, after serving as the Private Sector Liaison Coordinator for the State of Indiana’s Intelligence Fusion Center. As the Private Sector Liaison Coordinator, Mrs. Meadows developed and managed the Midwest’s first private sector intelligence program which resulted in the successful recruitment and intelligence outreach to over 300 private sector partners from Illinois, Indiana, Kentucky and Ohio.

As the Executive Officer for the Indiana Department of Homeland Security, Mrs. Meadows managed a variety of analytical and emergency management programs. Mrs. Meadows developed and implemented the department’s internship program, developed emergency management and business continuity plans for various businesses and companies throughout the State of Indiana, and was responsible for developing and submitting various presidential disaster declarations on behalf of the state.

Mrs. Meadows received her BS in Psychology from Indiana State University and attended Thomas M. Cooley School of Law in Lansing, MI. After attending law school, Mrs. Meadows worked as an Analyst and Investigator for the Office of the Indiana Attorney General. In 2006, Mrs. Meadows received a MS in Psychology from Capella University with a focus in forensics.

 


 

PAST MEETING

Date:
January 20, 2016

Time:
10AM-1PM

Location:
Johns Hopkins University Applied Physics Laboratory (JHU-APL)
11100 Johns Hopkins Road
Laurel, MD 20723-6099
Parsons Auditorium / Building 1
Room S124

 

Parking
Parking is available on the JHU-APL Campus. Parsons Auditorium is located in Lobby 1. Enter the campus from Johns Hopkins Road onto APL Drive. You may park in the lot on your left labeled for visitors, adjacent to Lobby 1. You will enter the building at Lobby 1. When you leave for the day, please stop by the receptionist desk to receive the parking code for the visitors parking lot.
JHU-APL Campus Map

Topic: Insider Threat Program Development From A To Z
The meeting will be exclusively focused on Insider Threat Program Development per the requirements of NISPOM Conforming Change 2 - Insider Threat.  Industry recognized Insider Threat Risk Mitigation Subject Matter Experts will provide attendees with "Real World" guidance for Insider Threat Program Development, Implementation, Management and Support.

NISPOM Conforming Change 2

Defense Industrial Base (DIB) Contractors will soon be required to implement an Insider Threat Program. NISPOM Conforming Change 2 is close to becoming a mandatory requirement in late 2015, early 2016. Once these requirements are signed and released DIB contractors will have 6 months for implementation.

More Info:

NISPOM Conforming Change 2 - Insider Threat Program Requirements

Topics Of Discussion:

  • The Requirements For NISPOM Conforming Change 2 - Insider Threat

  • The Essential Elements Needed For Successful Insider Threat Program Development And Insider Threat Risk Mitigation

  • Defining The Scope Of An Insider Threat Program

  • Developing, Implementing, Managing Or Supporting An Insider Threat Program With An Insider Threat Risk Management Framework / Insider Threat Program Hub / Insider Threat Program Working Group

  • Creating An Insider Threat Program Policy (Templates Supplied)

  • What Are The Essential Data Sources That Will Support An Insider Threat Program (Data Collection and Analysis)

  • The Behavioral Indicators Of Concern To An Insider Threat Program (Witting, Unwitting)

  • Building Insider Threat Awareness Into The Workforce To Detect And Report Potential Insider Threats

  • Detecting Activity Indicative Of Insider Threat Behavior With User Activity Monitoring Tools (Demo)

The NITSIG welcomes input from attendees at the meeting. A collaborative environment with information sharing is a first step at insider threat risk mitigation.
 

 

Link To NITSIG Meeting Tickets On Eventbrite:

The cost to attend is FREE. Please visit the link below to reserve your seat at the meeting. Seating is limited, so please register early.

http://www.eventbrite.com/e/national-insider-threat-special-interest-group-meeting-1-20-16-tickets-19974454130


 

Bio’s Of Supporting Speakers / Panel Members:
 

Jim Henderson –  Founder / Chairman Of NITSIG

CEO Insider Threat Defense, Inc.
Insider Threat Program Training Course Instructor / Insider Threat Risk Mitigation Analyst

  • Mr. Henderson has trained a substantial number of U.S. Government Agencies (DoD, IC), DIB Contractors, Critical Infrastructure Providers, large and small businesses on Insider Threat Program Development, Implementation, Management and Support.

  • Mr. Henderson previously worked for the DoD Insider Threat Counterintelligence (ITCIG) Group (DoD Contractor), and assisted the DoD ITCIG in establishing a comprehensive and structured DoD Enterprise Insider Threat Program (ITP) Risk Management Framework (RMF). The ITP RMF integrated the security disciplines of Counterintelligence (CI), Security and Information Assurance (IA. The ITP RMF defined the baseline activities to be conducted by DoD Combatant Commands, Services and Agencies to support their ITP's. The National Insider Threat Policy was built off of the ITP RMF.

 

Mike Miller – NITSIG Co-Chair

Chief Operating Officer; Vice President, Insider Threat Program Coordinator

Tanager, Inc.

  • In 2014 Mr. Miller was selected as the Co-Chair for the National Insider Threat Special Interest Group (NITSIG). The NITSIG was chartered to help facilitate Insider Threat Program information collaboration between the various stakeholders tasked with implementing and supporting the insider threat mission.

  • Mike Miller serves as the Chief Operating Officer and Vice President in charge of all Insider Threat Programs at Tanager. Mr. Miller is responsible for all Tanager Insider Threat Programs across the Intelligence Community, Department of Defense, Federal agencies and commercial sector. Mr. Miller has played a valuable role in the insider threat mission maturity across the Intelligence Community and Department of Defense.

  • Mr. Miller is the Insider Threat Program coordinator for Tanager’s Insider Threat Program and was responsible for developing a robust program consisting of a charter, Concept of Operations (CONOPS), User Activity Monitoring (UAM) and data correlation / link analysis solution for protecting Tanager’s employees, data and customers.

 

Dr. Robert Gallagher -  NITSIG Board Member / Scientific Director
Operational Psychologist
Senior Partner And Director Of Psychological Consultation And Training
Guardian Defense Group

  • Dr. Gallagher has extensive experience exploring the human side of espionage and insider threat. As a licensed psychologist, former military intelligence officer and counterintelligence special agent, he has had the opportunity to study and apply his knowledge of human dynamics in an array of settings. He has supported both offensive and defensive intelligence / counterintelligence, SOF and cyber operations. Additionally, he has personally participated in hundreds of strategic and tactical military and intelligence operations on six continents.

  • Prior to joining the private sector Dr. Gallagher served as:

    • Chief of Behavioral Sciences at the Defense Counterintelligence and HUMINT Center

    • Founder of the prestigious National Security Psychology Symposium

    • Chief of Enterprise Screening at the Defense Intelligence Agency

    • Counterintelligence Psychologist with the Office of Security at the National Security Agency

    • Special Duty Screener, with the USAF and Air Intelligence Agency

  • Currently, Dr. Gallagher is a Senior Partner and Director of Psychological Consultation and Training with Guardian Defense Group (GDG). GDG is a Service Disabled Veteran Owned Small Business consisting of a unique blend of operational psychologists and former Special Operations operators supporting the counterintelligence, security and behavioral science needs of public and private sector clients.

 

Shawn Thompson – NITSIG Board Member

Insider Threat Risk Mitigation Specialist / Lawyer (Corporate Legal Services)

Vice President, InfoTeK Corporation

  • Mr. Thompson has over 15 years of experience investigating, prosecuting, and managing insider threats. He is widely recognized for his insider threat expertise and unparalleled scope and breadth of experience.

  • Mr. Thompson has;

    • Successfully prosecuted numerous economic espionage cases.

    • Successfully investigated several high profile insider threat cases.

    • Provided expert assessments and briefings on insider threats to the highest levels of government.

    • Been a pioneer in the field of insider risk management.

    • Deep knowledge of how to properly assess insider risks and create and manage insider threat programs.

    • Been an experienced trusted broker having advised both government and corporations on how to effectively prevent, detect, and mitigate insider threats.

  • Mr. Thompson has served in numerous high profile positions:

    • Chairman, Insider Threat Mission Group, Office of the Director of National Intelligence

    • Insider Threat Program Manager, United States Department of Defense

    • Special Assistant United States Attorney, United States Attorney's Office

    • Senior Litigation Attorney, United States Department of Defense

    • Assistant General Counsel, FBI

    • Special Assistant United States Attorney, United States Attorney's Office

  • Mr. Thompson is the Vice President for Enterprise Security Risk Management at InfoTeK Corporation. In that capacity, he manages a robust and innovative risk management practice focusing on insider threats and cyber security.

  • Mr. Thompson has been involved with creating and managing Insider Threat Programs for numerous federal agencies. His work with the National Insider Threat Task Force led to the creation of the National Insider Threat Policy and Minimum Standards for Executive Agencies.
    Mr. Thompson is a Lawyer and also an active member of the Maryland Bar providing corporate legal services pertaining to employee investigations and security program creation.

 

Curtis H. Chappell, ISP
Sr. Director, Corporate Security / Insider Threat Program Manager
DRS Technologies, Inc.

  • Mr. Chappell is the Senior Director of Corporate Security at DRS Technologies, Inc., a Proxy Company headquartered in Arlington, VA, supporting Corporate Security oversight for all DRS Security activities, including Program Manager for Insider Threat and FOCI programs.

  • DRS Corporate has recently received the James S. Cogswell Award and is a two-time recipient of the DSS Award for CI Excellence.

  • DRS is a leading supplier of integrated products, services and support to military forces, intelligence agencies and prime contractors worldwide. As Finmeccanica North America, DRS represents the U.S. market as a wholly owned subsidiary of Finmeccanica S.p.A., one of the top ten global players in Aerospace, Defense and Security.

 

Trevor A Odell
Director, IT Security & Assurance
BAE Systems, Inc.

  • Mr. Trevor Odell joined BAE Systems, Inc. in 2007 as the Manager of IT Security for the Land and Armaments sector, working inside the Industrial Security program. In December 2010 he joined headquarters staff as the Director, IT Security and Assurance working for Thomas Langer, VP of Security – BAE Systems, Inc.

  • Mr. Odell in his current role, he is focused on Enterprise Risk Management as evidenced in FOCI Mitigation, ECP compliance, Security Governance and Counterintelligence / Cyber Risk Management, Insider Threat Management and the protection of Customer – Company – and National Security Information. As part of his Counterintelligence work, he spends one day each week in Quantico as BAE Systems representative to the Counterintelligence Partnership with Industry Program run by DSS. Although his work is primarily governance and strategic in nature, he works with all lines of business on a weekly basis ensuring the appropriate levels of protection are applied to business initiatives to minimize risk to the information entrusted to us and maximize the ability of the business to operate successfully.

  • Mr. Odell came to BAE Systems after spending 10 years at Pitney Bowes, Inc. in various security management roles both tactical and strategic. Pitney Bowes, Inc. is the leading global provider of postal meters, mail enabling technologies and mail integration solutions with 30,000 employees worldwide.
    Prior to Pitney, Mr. Odell spent 5 years working at global specialty chemical company - Witco, as a network security engineer / architect with identity and access control responsibilities serving operations in 7 countries and before that as the systems / network engineer and software developer for the leading provider of IPO Management Services for Wall Street, CommScan. In his work at CommScan, he interacted daily with senior executives and business partners at all of the investment banks in the US and the majority of the major international investment banks.'

  • Mr. Odell has spoken at security conferences on subjects ranging from “Strategies for the protection of Personally Identifiable Information (PII), including social security numbers, credit card data, financial information and personal health information (PHI)”, “Cloud Security” and most recently “Using Open Source Intelligence for Reconnaissance”. In the past he hosted several webinars focused on educating attendees on the effective implementation of data loss prevention solutions.

  • In his career he has worked under an alphabet soup of regulatory requirements including - PCI-DSS, GLBA, HIPAA, PIPEDA, CANSPAM, EU Data Privacy, FDIC, BASEL II, Sarbanes Oxley, and most recently the Laws and Regulations governing the protection of Classified, Controlled Unclassified and Export Controlled Information.

  • Mr. Odell holds a Bachelor of Fine Arts degree from Ithaca College, in Ithaca NY.


 

PAST MEETING

Date:

September 17, 2015
 

Time:

10PM-12PM


Location:
Johns Hopkins University Applied Physics Laboratory (JHU-APL)

11100 Johns Hopkins Road
Laurel, MD 20723-6099
Parsons Auditorium / Building 1
Room S124

Parking
Parking is available on the JHU-APL Campus. Parsons Auditorium is located in Lobby 1. Enter the campus from Johns Hopkins Road onto APL Drive. You may park in the lot on your left labeled for visitors, adjacent to Lobby 1. You will enter the building at Lobby 1. When you leave for the day, please stop by the receptionist desk to receive the parking code for the visitors parking lot.
JHU-APL Campus Map

 

Link To NITSIG Meeting Tickets On Eventbrite:

The cost to attend is FREE. Please visit the link below to reserve your seat at the meeting. Seating is limited, so please register early.

https://www.eventbrite.com/e/national-insider-threat-special-interest-group-meeting-9-17-15-tickets-17944701084

 

NITSIG Meeting Announcement / Agenda For September 17, 2015

 

 

Topics Of Discussion Will Include;

  • Insider Threat Program Development

  • How To Gain Buy-In And Support From Senior Management

  • The Legal Aspects Of An Insider Threat Program (Civil Liberties, Privacy, User Activity Monitoring, Investigations, Termination)

  • The Importance Of Creating An Insider Threat Program Working Group

  • How To Define The Scope Of An Insider Threat Program (Going Beyond National Insider Threat Policy, NISPOM Conforming Change 2 Requirements)

  • The Behavioral Indicators Of Concern To An Insider Threat Program (Witting, Unwitting)

  • What Are The Essential Data Sources That Will Support An Insider Threat Program (Technical, Non-Technical)

  • How To Build Insider Threat Awareness (ITA) Into The Workforce To Detect And Report Potential Insider Threats (Free ITA Sources Available)
     

Bio’s Of Guest Speakers:
Neil C. Carmichael, Jr. - National Archives And Records Administration (NARA)
Insider Threat Program (ITP) Manager

Serving As The NARA ITP Manager Mr. Carmichael:
Drafted the NARA Insider Threat Policy.
Developed staffing requirements for the Insider Threat Program and drafted position descriptions and requirements for Insider Threat Program Analyst and IT Security.
Developed NARA’s Insider Threat Program Training and Awareness Program.
Implemented an Insider Threat Detection and Prevention Program.
Coordinate NARA’s Insider Threat Program with the National Insider Threat Task Force (NITTF).
Perform self-assessment for compliance with policies and standards issued by the (NITTF).

 

Michael Caimona - Boeing Integrated Information Systems (IIS)
Director Of Strategy For Boeing IIS
Mr. Caimona in this capacity, is responsible for developing, communicating and executing a complex business strategy for Boeing’s line of business that supports the U.S. National Security Community.
Mr. Caimona also guides all of IIS's business operations for critical mission areas to include Cyber Network Operations, national and local law enforcement operations, Joint Department of Defense (DoD) organizations, counter terrorism organizations, Insider Threat Operations, Special Operations elements and several U.S. Federal Civilian Departments.
Most recently, Mr. Caimona established Boeing’s Advanced Analytics Team responsible for Insider Threat detection and mitigation.
 

 

Bio’s Of Supporting Speakers:
Jim Henderson – CEO Insider Threat Defense, Inc. / Founder-Chairman Of NITSIG
Insider Threat Program Training Course Instructor / Insider Threat Risk Mitigation Analyst
In 2014 Mr. Henderson created the NITSIG. The NITSIG is the largest group of Insider Threat Risk Mitigation Professionals. The NITSIG provides Insider Threat Risk Mitigation guidance to individuals working for the: U.S. Government, DoD, IC, Defense Industrial Base contractors and businesses.
Mr. Henderson currently teaches an Insider Threat Program Management Training Course and provides Insider Threat Risk Mitigation Services to U.S. Government agencies, the DoD, Defense Industrial Base contractors and businesses.
Mr. Henderson previously worked for the DoD Insider Threat Counterintelligence (ITCIG) Group (DoD Contractor), and assisted the DoD ITCIG in establishing a comprehensive and structured DoD Enterprise Insider Threat Program (ITP) Risk Management Framework (RMF). The ITP RMF integrated the security disciplines of Counterintelligence (CI), Security and Information Assurance (IA). The ITP RMF defined the baseline activities to be conducted by DoD Combatant Commands, Services and Agencies to support their ITP's. The National Insider Threat Policy was built off of the ITP RMF.

 

Mike Miller – Tanager, Inc. / NITSIG Co-Chair
Chief Operating Officer; Vice President, Insider Threat Program Coordinator At Tanager, Inc.
In 2014 Mr. Miller was selected as the Co-Chair for the National Insider Threat Special Interest Group (NITSIG). The NITSIG was chartered to help facilitate Insider Threat Program information collaboration between the various stakeholders tasked with implementing and supporting the insider threat mission.
Mr. Miller serves as the Chief Operating Officer and Vice President in charge of all Insider Threat Programs at Tanager. Mr. Miller is responsible for all Tanager Insider Threat Programs across the Intelligence Community, Department of Defense, Federal agencies and commercial sector. Mr. Miller has played a valuable role in the insider threat mission maturity across the Intelligence Community and Department of Defense.
Mr. Miller is the Insider Threat Program coordinator for Tanager’s Insider Threat Program and was responsible for developing a robust program consisting of a charter, Concept of Operations (CONOPS), User Activity Monitoring (UAM) and data correlation / link analysis solution for protecting Tanager’s employees, data and customers.

 


 

PAST MEETING

Date:

July 16, 2015
 

Time:

10PM-12PM


Location:
Johns Hopkins University Applied Physics Laboratory (JHU-APL)

11100 Johns Hopkins Road
Laurel, MD 20723-6099
Parsons Auditorium / Building 1
Room S124
Please Note: Guests will not need to go through the security perimeter.

Parking
Parking available on JHU-APL Campus.
 

 

Topics Of Discussion Will Include;

  • Insider Threat Program Development & Implementation - (Jim Henderson / Mike Miller / Shawn Thompson)

  • Behavioral Indicators Of Concern - (Dr. Rob Gallagher / Guardian Defense Group)

  • Legal Considerations When Developing / Managing An Insider Threat Program (Attorney Shawn Thompson)

The NITSIG welcomes input from attendees at the meeting. A collaborative environment with information sharing is a first step at insider threat risk mitigation.
 

 

Link To NITSIG Meeting Tickets On Eventbrite:

The cost to attend is FREE. Please visit the link below to reserve your seat at the meeting. Seating is limited, so please register early.

https://www.eventbrite.com/e/national-insider-threat-special-interest-group-meeting-7-16-15-tickets-17445802866

 

 

Speaker's Bio's:
Jim Henderson

Jim is the CEO Insider Threat Defense and the Founder / Chairman Of The NITSIG. Jim currently teaches an Insider Threat Program Management Training Course to U.S. Government agencies, Defense Industrial Base contractors and businesses. Jim previously worked for the DoD Insider Threat Counterintelligence (ITCIG) Group (DoD Contractor), and assisted the DoD ITCIG in establishing a comprehensive and structured DoD Enterprise Insider Threat Program (ITP) Risk Management Framework (RMF). The ITP RMF integrated the security disciplines of Counterintelligence (CI), Security and Information Assurance (IA). The ITP RMF defined the baseline activities to be conducted by DoD Combatant Commands, Services and Agencies to support their ITP's. The National Insider Threat Policy was built off of the ITP RMF.

 

Mike Miller

Mike Miller serves as the Chief Operating Officer and Vice President in charge of all Insider Threat Programs at Tanager. In this role, Mr. Miller’s has helped establish Tanager as a respected, award-winning Cyber and Insider Threat mitigation service provider, both regionally and nationwide. Under his management, Tanager consistently achieves year-over-year growth, expanding its customer base each year. Mr. Miller has over 21 years of combined system engineering and insider threat experience, of which 16 of those years have been with Tanager.

For the first 16 years of Mr. Miller’s career he performed system administration and system engineering services in the commercial sector, Intelligence Community and National Security Agency. For the past 5 ½ years Mr. Miller has played a valuable role in the insider threat mission maturity across the Intelligence Community and Department of Defense. Mr. Miller is responsible for all Tanager Insider Threat Programs across the Intelligence Community, Department of Defense, Federal agencies and commercial sector. In 2014 Mr. Miller became Co-Chair for the National Insider Threat Special Interest Group (NITSIG). The NITSIG was chartered to help facilitate Insider Threat Program information collaboration between the stakeholders tasked with implementing and supporting the insider threat mission. Mr. Miller is the Insider Threat Program coordinator for Tanager’s Insider Threat Program and was responsible for developing a robust program consisting of a charter, Concept of Operations (CONOPS), User Activity Monitoring (UAM) and data correlation/link analysis solution for protecting Tanager’s employees, data and customers.

 

 

Dr. Rob Gallagher
Prior to going into the private sector last year, Dr. Gallagher spent nearly twenty years in the security and operational side of behavioral science, both in the military and as a civilian with multiple intelligence agencies.
Dr. Gallagher most recently was Chief of Behavioral Sciences for the Defense Intelligence Agency (DIA / DCHC). In his varied roles he had the opportunity to look at threats to national security from many angles. He had the unique opportunity to apply his knowledge of human dynamics and espionage in both offensive and defensive capacities.
Dr. Gallagher served as Counterintelligence Psychologist for the Office of Security at NSA. He is one of the only Psychologists in the nation to hold both a Doctoral Degree and to have been credentialed as a Special Agent.
Dr. Gallagher previously held the position of Chief of Screening for the DOD Counterintelligence and HUMINT Center.

 

 

Shawn Thompson
Mr. Shawn Thompson is the Vice President for Enterprise Security Risk Management at InfoTeK Corporation. In that capacity, he manages a robust and innovative risk management practice focusing on insider threats and cyber security.
Mr. Thompson possesses over 15 years of experience investigating, prosecuting, and managing insider threats. He is widely recognized for his expertise and the scope and breadth of his experience. He is a pioneer in the field of Enterprise Security Risk Management.
Mr. Thompson has been involved with creating and managing Insider Threat Programs for numerous federal agencies. His work with the National Insider Threat Task Force led to the creation of the National Insider Threat Policy and Minimum Standards for Executive Agencies.
Mr. Thompson has served as a trusted broker advising both government and corporations on managing insider threats.
Mr. Thompson is also an active member of the Maryland Bar providing corporate legal services pertaining to employee investigations and security program creation.

 


 

PAST MEETING

Date:

April 17, 2015
 

Time:

10PM-12PM


Location:
Ernst & Young LLP
1101 New York Avenue N.W.
Washington, DC 20005, USA
3rd Floor

Metro:
McPherson Square & Metro Center

Parking
Parking available in the building and surrounding buildings, as well as street parking.
The building is actually on I (“eye”) Street between 11th and 12th
 

Topics Of Discussion Will Include;
Insider Threat Investigations
Special Agent Jorge Rios - Defense Criminal Investigative Service
Real Life Insider Threat Incident From NITSIG Member
Conducting Insider Threat Investigations. (Jim Henderson / Mike Miller)
Gaining Buy-In From Legal Departments To Conduct Data Gathering And Analysis In Support Of Insider Threat Programs.
Implementing An Employee Monitoring Program.
Staffing Insider Threat Programs. Training Needed, Prioritizing Skill Sets.

The NITSIG welcomes input from attendees at the meeting. A collaborative environment with information sharing is a first step at insider threat risk mitigation.
 

Link To NITSIG Meeting Tickets On Eventbrite:

The cost to attend is FREE. Please visit the link below to reserve your seat at the meeting. Seating is limited, so please register early.

https://www.eventbrite.com/e/national-insider-threat-special-interest-group-meeting-4-17-15-tickets-16210976467

 

 

Speaker's Bio's:
Jim Henderson

Jim is the CEO Insider Threat Defense and the Founder / Chairman Of The NITSIG. Jim currently teaches an Insider Threat Program Management Training Course to U.S. Government agencies, Defense Industrial Base contractors and businesses. Jim previously worked for the DoD Insider Threat Counterintelligence (ITCIG) Group (DoD Contractor), and assisted the DoD ITCIG in establishing a comprehensive and structured DoD Enterprise Insider Threat Program (ITP) Risk Management Framework (RMF). The ITP RMF integrated the security disciplines of Counterintelligence (CI), Security and Information Assurance (IA). The ITP RMF defined the baseline activities to be conducted by DoD Combatant Commands, Services and Agencies to support their ITP's. The National Insider Threat Policy was built off of the ITP RMF.
 


Mike Miller

Mike Miller serves as the Chief Operating Officer and Vice President in charge of all Insider Threat Programs at Tanager. In this role, Mr. Miller’s has helped establish Tanager as a respected, award-winning Cyber and Insider Threat mitigation service provider, both regionally and nationwide. Under his management, Tanager consistently achieves year-over-year growth, expanding its customer base each year. Mr. Miller has over 21 years of combined system engineering and insider threat experience, of which 16 of those years have been with Tanager.

For the first 16 years of Mr. Miller’s career he performed system administration and system engineering services in the commercial sector, Intelligence Community and National Security Agency. For the past 5 ½ years Mr. Miller has played a valuable role in the insider threat mission maturity across the Intelligence Community and Department of Defense. Mr. Miller is responsible for all Tanager Insider Threat Programs across the Intelligence Community, Department of Defense, Federal agencies and commercial sector. In 2014 Mr. Miller became Co-Chair for the National Insider Threat Special Interest Group (NITSIG). The NITSIG was chartered to help facilitate Insider Threat Program information collaboration between the stakeholders tasked with implementing and supporting the insider threat mission. Mr. Miller is the Insider Threat Program coordinator for Tanager’s Insider Threat Program and was responsible for developing a robust program consisting of a charter, Concept of Operations (CONOPS), User Activity Monitoring (UAM) and data correlation/link analysis solution for protecting Tanager’s employees, data and customers.
 


 

PAST MEETING

 

Date:

January 21, 2015
 

Time:

1PM-3PM
 

Location:

Experian Public Sector Offices
900 17th Street, NW
Suite 1050
Washington, DC 20006

 

Topic:

Developing An Insider Threat Program For Government Agencies / Defense Industrial Base (DIB) Contractors
 

Link To NITSIG Meeting Tickets On Eventbrite:

The cost to attend is FREE. Please visit the link below to reserve your seat at the meeting. Seating is limited, so please register early.
https://www.eventbrite.com/e/national-insider-threat-special-interest-group-meeting-1-21-15-tickets-13055741073

 

 

Topics Of Discussion Will Include;
Requirements For An Insider Threat Program (U.S. Government / DIB Contractors)
Organizational Departments That Can Support An Insider Threat Program
Data Sources To Support An Insider Threat Program
Insider Threat Awareness And Reporting
User Activity Monitoring And Tools For The Detection Of Activity Indicative Of Insider Threat Behavior
 


Speaker's Bio's:
Jim Henderson

Jim is the CEO Insider Threat Defense and the Founder / Chairman Of The NITSIG. Jim currently teaches an Insider Threat Program Management Training Course to U.S. Government agencies, Defense Industrial Base contractors and businesses. Jim previously worked for the DoD Insider Threat Counterintelligence (ITCIG) Group (DoD Contractor), and assisted the DoD ITCIG in establishing a comprehensive and structured DoD Enterprise Insider Threat Program (ITP) Risk Management Framework (RMF). The ITP RMF integrated the security disciplines of Counterintelligence (CI), Security and Information Assurance (IA). The ITP RMF defined the baseline activities to be conducted by DoD Combatant Commands, Services and Agencies to support their ITP's. The National Insider Threat Policy was built off of the ITP RMF.

Mike Miller

In 2010 Mike was tasked as the lead engineer and project manager for assisting the government with implementing an Insider Threat Program at the Defense Intelligence Agency (DIA) and still supports that customer today. Mike worked in all facets of the Insider Threat Program, such as engineering and design of the user activity monitoring (UAM) implementation, concept of operations (CONOPS) for the analysis mission and standard operating procedures (SOPs) for the engineering support. Mike is also involved with organizations and agencies tasked with implementing Insider Threat Programs.

 

 

Copyright © 2021- National Insider Threat Special Interest Group ™ - All Rights Reserved - Legal Notice