Insider Threat Symposium & Expo
Sponsored By Veriato
Global Leader In Employee
is excited to
that it will hold a
1 day Insider Threat Symposium & Expo ™
September 10, 2019, at the
Johns Hopkins University - Applied Physics Laboratory, in Laurel,
For the most up to date information on the ITS&E, please send an e-mail
and you will be added to the distribution list for the NITSIG and ITS&E
Insider Threat Symposium & Expo Overview
will be the 4th annual Insider Threat Symposium & Expo (ITS&E) that the NITSIG
ITS&E is the most recognized event for expert guidance on Insider Threat
The NITSIG has lined up another group of outstanding speakers
for this event. Our
speakers have Hands On Experience,
in Insider Threat Program Management and Insider Threat Mitigation.
The confirmed speakers can be found below.
Some of the many great comments that were provided to the NITSIG about
past ITS&E events, were the outstanding speakers and the large selection of
vendors that were on display. Attendee comments are listed further down
on this page.
ITS&E is a must attend event for individuals
working for the U.S. Government, State Governments, Department of
Defense, Intelligence Community Agencies,
Providers, Defense Contractors, Airport / Aviation
Security, Space Craft Manufacturing / Launch Providers, Banking-Finance Industry, Health Care Industry,
Chemical Industry, and other large and small businesses.
Will Provide Attendees With Guidance From Expert Speakers On:
What Knowledge Will
You Take Away From The Symposium?
Attendees will leave the symposium with an in-depth
understanding of how to develop, implement, manage or enhance an Insider
Threat Program, and have the in-depth knowledge for
gathering, analyzing and correlating data sources to detect and mitigate
Insider Threat risks.
ITS&E will provide attendees with access
to a large network of security professionals for collaborating with on
all aspects of Insider Threat Mitigation.
The ITS&E is also very
well suited for any organization or business that is not required to
implement an Insider Threat Program, but is concerned with employee
threat identification and mitigation.
The NITSIG has complied some
reports, surveys and incidents
that should be of concern to all CEO's
and security professionals.
Speaker presentation topics and descriptions will be posted as they are
received from the speakers.
Missile Defense Agency
Counter-Insider Threat Program Manager
Insider Threat Incident Triage And Case Management
The Insider Threat
Hub plays a pivotal role in the successful management and mitigation of
insider threats. The Hubs triage process will enable an organizations
leadership the ability to manage and mitigate threats to agency
operations, workplace violence and harm to self in a manner that reduces
risk while protecting an individual's privacy and civil liberties. Mr.
East will discuss the Missile Defense Agency's Triage Process, and the
role and function of the Agency's Case Management Council.
Mr. East serves as the Counter-Insider Threat Program Manager
for the Missile Defense Agency (MDA) Counter-Insider Threat Program. As
the program manager Mr. East leads a team of analysts responsible for
identifying risks and vulnerabilities posed by insiders to MDA
personnel, facilities, critical information and agency operations.
Prior to becoming MDA's Insider Threat Program Manager, Mr. East served
in various in positions of increasing responsibility within the U.S.
Government. These include: Counterintelligence Special Agent with MDA's
Counterintelligence Division; Supervisory Special Agent, Department of
Energy Counterintelligence; and, Chief of Counterespionage (CONUS) 902d
Military Intelligence Group.
Naval Information Warfare Center
David T. Lang, CSEP,
Lead Functional Architect & Senior Technical Advisor
Navy Insider Threat Program
Counter Insider Threat Strategy: Engineer The Insider
Threat Program, Not The Tools
Almost every day I get e-mail touting the latest innovations for
counter Insider Threat tools. Big data analysis, user activity
monitoring, enterprise data aggregation, security information and event
management, and more. Yes, there are a lot of great tools out there, but
what do you need? What is your operational concept? What are you
protecting? How big is your enterprise? How big is your staff?
What technical expertise do you have available?
This presentation will provide a systematic approach to engineering and
architecting your Insider Threat Program so you can select the tools
that fit your organization and operational concept.
David T. Lang is a retired Air Force counterintelligence and
counterespionage Special Agent with a master’s degree in information
systems and professional certifications in systems engineering,
enterprise risk, information security, IT systems audit, and program
management. He currently works as the Senior Technical Advisor and Lead
Functional Architect for the U.S. Navy’s Insider Threat Program.
DoD Insider Threat Management & Analysis Center
Dr. Gallagher Senior Behavioral Science Advisor
User Activity Monitoring Results In The Department of Defense:
Trends & Response
This presentation will explore how the Department of Defense (DoD)
has responded to Executive Order 13587 and National Insider Threat Task
Force (NITTF) Minimum Standards requirement to establish user activity
monitoring on its networks. It will detail the insider threat trends
that have emerged thus far from those monitoring activities. Finally, it
will discuss how the DoD is adapting to better address these trending
threats now and in the future.
Dr. Gallagher of the
Guardian Defense Group,
has extensive experience training and consulting about the human side of
Insider Threat, Violence and Espionage. As a Clinical / Operational
Psychologist, former military Intelligence Officer, and Former Federal
Special Agent, he has had the opportunity to study and apply his
knowledge of human dynamics in a wide array of contexts.
Dr. Gallagher supports a contract with the DoD Insider Threat Management
and Analysis Center (DITMAC)
as the Senior Behavioral Science Advisor. In this role he consults on
the most concerning and high profile Insider Threat cases for civilian,
military and contract personnel across all 44 of the Department of
Defense component organizations. Dr. Gallagher serves as the Scientific
Director to National Insider Threat Special Interest Group.
Department Of Energy
Insider Threat Program Manager
Sr. Dir. Cyber Strategy & Product Management
Troll Farms: Converting Insiders To Insider Threats
Troll farms have become a commercial service for entities to
affect public sentiment and incite unrest through sophisticated
disinformation and psychological operations tactics for the modern era.
Successes can be measured by affecting the actions of only a few of the
targeted individuals. Combined with targeted campaigns via social media
to sow anti-government sentiment and other activist emotions, trusted
insiders could be turned into the next major insider threat
Patrick Knight is the Senior Director of Cyber Strategy and Product
Management at Veriato, an innovator in actionable user behavior
analytics and a global leader in insider threat protection helping
organizations protect critical data from threats by trusted insiders.
For over 17 years at companies like McAfee, Intel and Cylance, his cyber
security career has helped enterprises protect against online threats
through the development of anti-malware, network intrusion detection,
computer and network forensics and encryption technologies. He is a
writer and speaker on topics of cyber security and privacy in multiple
forums including Virus Bulletin and the NITSIG. He is a 12-year veteran
of the U.S. Intelligence Community and the United States Army in the
fields of Signals Intelligence and Cryptanalysis and a Russian and
Director Of Global Security Investigations & Insider Risk
Insider Risk Management At The Corporate Level
Lessons Learned From Developing Insider Threat Programs In
Fortune 100 Companies
Tim Kirkham is a retired supervisory special agent from the FBI
and a former city police officer. Tim has extensive overseas experience
and served in several countries as an accredited US Diplomat. Tim
retired in 2015 and accepted a position at Fortune 100 Company to create
and implement a holistic Insider Threat Program. After successfully
building the program, Tim accepted an offer from another Fortune 100
company to do it all over again.
Insider Threat Program Manager
Adapting & Evolving: Lessons Learned From Changing Security
Whether you are building an Insider Threat Program or have one
long-standing, there are consistent challenges in collecting the
information and support you need to be successful. While there is no
silver bullet that works for every organization, we would like to share
both successes and failures we have had with organizational structure,
data, tools, and executive support.
Ms. Courtney Healey has been with Equifax for nearly 3 years.
Prior to joining Equifax, she served as an Intelligence Analyst in the
Federal Bureau of Investigation (FBI). She holds a Masters in Public
Policy with emphasis in National Security.
Jon Mark Harrington, CFE
Director, Global Insider Threat & Data Loss Prevention Program
Cyber Threat and Intelligence
Global Technology-Information Security
Winning Hearts & Minds: Counting Insider Threats Goes Beyond InfoSec
Building and then honing
an industry-leading Insider Threat Program involves more than high-tech
information security tools. It takes close relationships, buy-in, and
actual participation from other key company components as well as senior
If one transitions from
the government, and is new to the private sector, the environment can
seem very different. Where should one begin? One approach involves
engaging the tactical, operational and strategic levels, simultaneously.
In doing so, there are several do’s and don’ts about which to be
mindful. For example, a do - maintain a consistent message - have a
message - on all three levels; a don’t – maintain a matter-of-fact
demeanor, especially with senior executives. There are many competing
priorities - making money or feeling more like a family than a
The Insider Threat
Professional must formulate their security strategy by sincerely
considering these competing priorities and using them to win the hearts
and minds of key individuals who will facilitate the program’s success.
Mr. Mark Harrington is a retired Air Force Human Intelligence
Officer with a master’s degree in international relations, an executive
master’s certificate in business administration, and a professional
certificate as a fraud evaluator. While in uniform, in addition to
serving at all levels of command, he also represented the Secretary and
Chief of Staff of the Air Force as a military diplomat in Brazil.
Following retirement, he remained in government service as a lead
evaluator with the Department of Defense Office of Inspector General. He
currently works as Director of the Global Insider Threat & Data Loss
Prevention Program at TransUnion in Chicago.
Speaker - Pending Approval
The Expo will provide attendees with visibility into
proven technologies and services (Currently Used By The U.S. Government
/ Private Sector) for Insider Threat detection, and mitigation. If you want to see Employee User Activity Monitoring /
Behavioral Analytical Tool demonstrations, this is the event.
Would your company
be interested in exhibiting at this event / expo? This is a very
important event for your company to showcase its commitment and
expertise in mitigating Insider Threats risks, but also your company's
products and services as well. Additionally, you will have a great
opportunity to collaborate with attendees on finding out their
interests, needs and challenges related to Insider Threat Mitigation.
If your company is interested in exhibiting at this event, please
contact Jim Henderson via
, or call; 561-809-6800
Vendors will be
listed below as they register for the
The Insider Threat Defense Group (ITDG) has become the Leading
Company for Insider Threat Program Development / Management Training
and Insider Threat Mitigation Services. We provide a broad
services to potential clients, that will
address Insider Threat Risks with a cost effective, comprehensive and
The ITDG has provided training and services to an impressive list of
550+ clients (In Over 14 U.S. States); U.S. Government Agencies
(Department of Defense, Intelligence Community), Defense Contractors,
Defense Security Service, Critical Infrastructure Providers, Fortune 500
Companies, Aviation / Airline Industry, Spacecraft Manufacturing- Launch
Providers, Technology Companies, Banking - Financial Industry, Health
Care Industry, and other large-small businesses and global corporations. Client Listing
Over 700+ individuals have attended our training and received ITP
Program Manager Certificates.
Our student satisfactions levels are in the exceptional range. We encourage you to read the
feedback from our students.
TRAINING PRICING FOR ITS&E
Due to the high number of requests,
the Insider Threat Defense Group will be offering deeply discounted ITP
Development - Management Training, the day before (September 9) the
ITS&E. (Cost: $695.00
- Normal Pricing: $1295.00) Don't let the discounted pricing fool
you. This training is the most comprehensive and resourceful
Insider Threat Mitigation training available.
This training will be held at the Johns Hopkins University - Applied
Physics Laboratory, in Laurel, Maryland, in the Kossikoff Center
training rooms. There is LIMITED SEATING
for this training. (52 Seats Available)
Veriato is an innovator in Insider
Threat Detection and a global leader in Employee Monitoring Software.
Driven by AI, more than 42,000 companies and government entities
worldwide utilize Veriato to gain unmatched insight into the User
Activity occurring on their network. Veriato’s product line includes the
Veriato Cerebral, Veriato Investigator and Veriato RansomSafe.
federal, state or local agency, public safety or educational
organization, TransUnion’s suite of mission-critical solutions provides
the public sector with vital information and an unmatched combination of
credit and non-credit data to help ensure citizen safety, manage
compliance and boost services for constituents served. Our comprehensive
and unique sets of credit, criminal and public data, coupled with
flexible analytics, help agencies detect and prevent cyber fraud, and
make connections between people, businesses, assets and locations.
Our experience has given us a deep understanding of the challenges
facing your organization, your service requirements, and the factors
that impact your daily operations.
Dtex provides organizations across the
globe with the complete, user-focused visibility needed to strengthen
enterprise security posture and effectively manage insider threats.
Dtex’s Modern User Activity Monitoring combines high-fidelity user
activity data with machine learning and advanced analytics to pinpoint
anomalies in real time, elevate areas of risk, generate actionable
insights, and provide answers quickly. Collecting only the lightweight
data needed to identify risky behaviors, Dtex can be deployed and scaled
quickly with no impact on network, endpoint or human performance and
without impeding user privacy.
threats takes a lot more than just correlating network data. It requires
the ability to analyze 'whole-person' behavior — rapidly, continuously
and at scale.
Our Haystax For
Insider Threat solution was designed from the ground up to:
assesses the trustworthiness of individuals, not just user activity on
networks and devices like conventional machine-learning or rules-based
Uses a probabilistic
model that analyzes evidence from a wide array of data sources to
prioritize risk rather than generate excessive false-positive alerts
that overwhelm analysts.
Provides a user
interface that mirrors current analyst terminologies and workflows.
government agencies and large commercial enterprises, as well as state
and local public-safety organizations, rely on Haystax for more
effective protection of their critical systems, data, facilities and
people. A U.S. defense agency has called Haystax for Insider Threat the
"only known system for prioritizing personnel according to positive and
negative nodes of trust."
AC GLOBAL RISK
AC Global Risk (ACGR) is a
Silicon Valley-based technology company that developed Remote Risk
Assessment (RRA®) to uncover human risk across the commercial and
government markets. RRA’s capabilities are the output of 10 years of
development, 2-year market evaluation, countless customer trials, and
Remote Risk Assessment (RRA®) is a sophisticated system that uses unique
voice analytics processes to evaluate and quantify distinct
characteristics of the human voice related to risk. RRA is a highly
accurate, automated, high-throughput risk assessment technology that has
been vetted by military and commercial customers.
RRA takes under 10 minutes
- over the phone, remote team, or on-prem
Light touch with simple
YES / NO responses to 3-6 automated questions - no PII is required
Works in any language -
already used in English, Spanish, Pashto, Farsi, Tagalog, and Somali
97.62% accurate on latest
Used for HR screening,
counter green-on-blue, counterintelligence, insider threat mitigation,
fraud / incident / loss investigations, 3rd party audits, and IP
Capgemini’s Arena ITI™
provides organizations of any size with proactive identification of
potential insider threat activity, built on industry-leading experience
Arena ITI™ is an award-winning solution that takes a holistic approach
to detecting insider threats. Arena ITI™ assesses both the employees’
cyber footprint and their non-IT behaviors in a single platform to
produce earlier and more accurate insider threat detection by:
from company and third-party data sources
Aggregating data through
predefined risk models and scoring
Drilling down for advanced
analysis, further investigation and reporting
Arena ITI™ is an important
part of an Insider Threat program, it provides context and insight for
security teams to focus their limited resources on assessing the
behaviors of high-risk individuals and intervening prior to the
occurrence of a hostile event.
A comprehensive insider risk program requires people, processes, and
tools, acting collectively to achieve the greatest benefit and return on
investment. Capgemini also provides Insider Risk Assessments and Insider
Risk Program Development.
simplifies insider threat detection and breach prevention with machine
learning and a fully-customizable policy engine. The platform automates
employee training the instant they make a mistake, applies policies
while data is in motion to prevent data loss, and provides the fastest
threat hunting and forensic capabilities for investigations.
Location / Registration
Johns Hopkins University - Applied
Physics Laboratory (JHU-APL)
11100 Johns Hopkins Road
Right Off Of Johns Hopkins Road Onto Pond Road - See
Map Under Parking Information Below)
Laurel, MD 20723-6099
- Hotels Near JHU-PL
DoubleTree by Hilton Hotel Laurel (7.1 Miles)
Courtyard by Marriott Silver Spring North / White Oak, Maryland (8.8
SpringHill Suites By Marriott / Columbia, Maryland (5.0 Miles)
JHU-APL Visitor Guide
(See Page 8 For Hotels)
NITSIG ITSE JHU-APL Laurel, Maryland Map
Complimentary Lite Breakfast & Lunch Voucher For JHU-APL Cafeteria
to increased costs to host this event, the NITSIG will be charging a
small fee to attend this event (Open To Non-NITSIG Members)
Limited # Of Tickets (500)
substitutions must be received no later than 7 business days prior to
the start of this event. Please send an email with your full name and
organization, and the name, email and position title of the individual
who be attending in your place. Please send substitute information to:
Substitutions made after this date will be processed at the event
Food / Beverages
baked morning muffins, danish and bagels. Served with regular and
low-fat cream cheese, butter and jam.
coffee, decaf coffee, hot tea, dispensers of ice water
$10.00 coupon provided to
attendees to use at JHU-APL Cafeteria. This will cover most lunches.
Lunch is also available at surrounding food
coffee, decaf coffee, hot tea, dispensers of ice water
Complementary WiFi will be provided.
Comments From Past ITS&E Events
I would like to take the
time to thank you for the NITSIG Insider Threat Symposium that I
attended last week. I am fortunate enough to be able to attend security
conferences regularly and I have to tell you, this was one of the most
informative and relevant that I have attended in years. The speakers
were informative and there was a wide variety of subject matter that I
Assistant Facility Security Officer
WorldWide Language Resources, LLC
I really enjoyed the conference last week and assisting with
Registration. The Speakers that you had were awesome. Thanks again for
hosting this event for the community.
Ernie R. Fedewa Jr.
InCadence Strategic Solutions Corp
Security & Compliance Director
The Symposium and Expo was excellent. It was great to hear all the
speakers and I took away loads of information from each.
Booz | Allen | Hamilton
I really enjoyed the Insider Threat Symposium yesterday. You had great
speakers presenting and there was a lot of valuable information shared.
I look forward to the next symposium.
Thales Defense & Security, Inc.
I wanted to thank you for your efforts to put on a great symposium
today. I did get a chance to take in some great briefs, talk to some
vendors about some really interesting products and do a lot of good
networking. So, I would call that a big success. Please put me on the
mailing list for future products and gatherings that NITSIG is a part
Jacobian Enterises, LLC
Owner, Chief Insider Threat & Risk Management SME
Your inaugural conference was a clear success judging by the significant
number of attendees who stayed until the very last hour. Steven
McIntosh’s presentation was wonderfully organized and addressed many of
the underlying issues associated with implementing Insider Threat
Programs. Ron Ross (NIST), DeWayne Sharp (FBI), Greg Pannoni and
Kathleen Branch also garnered good feedback, as did Mike Caimonao of
Boeing. Lastly, you clearly hit a home run with Kurt Stammberger’s
presentation of Norse’s insight into the Sony breach.
Cyber Security / Business Development Consultant
must be a U.S. Citizen to attend this event. A valid Drivers License or
U.S. Government issued ID is required at the door.
event IS NOT open to the
Continuing Professional Education Credits
will be eligible to earn 8 Continuing Professional Education (CPE)
Credits to go toward your security certification CPE requirements.
For more information on becoming a NITSIG Member (No Cost), please see
the link below:
Please send any questions about this event via
Or call; 561-809-6800