National Insider Threat Special Interest Group (NITSIG)

U.S. / Global Insider Risk Management (IRM)

Information Sharing & Analysis Center

 

Educational Center Of Excellence For IRM & Security Professionals

 

 

 

PREMIER SPONSOR

COGILITY
Whole Person, Counter-Insider Threat Management Platform

 

 

 

 

ABOUT THE NITSIG
The NITSIG was created in 2014, to function as a National Insider Threat Information Sharing & Analysis Center. We are very proud that we have accomplished this goal, from the continued growth of the NITSIG membership, and the very positive comments we continue to receive from our membership, and from others who attend our meetings and events.

The NITSIG Membership is the largest network (1000+) of Insider Risk Management (IRM) Professionals in the U.S. and globally. The willingness of our members to collaborate and share information among the membership has been the driving force that has made the NITSIG very successful. There is NO CHARGE to become a NITSIG Member. (Join NITSIG)

Attendees of NITSIG meetings, workshops and ITS&E events have provided the NITSIG will exceptional comments that be found on this link.
 

If you are interested in learning more about just how damaging (Million To Billions) an Insider Threat incident can be to an organization, the monthly Insider Threat Incidents Reports produced by the NITSIG, provide an EYE OPENING view.
 


ITS&E OVERVIEW

The NITSIG ITS&E was created in 2015 specifically for individuals interested in gaining in-depth knowledge related to Insider Threat Program Development, Management, Evaluation & Optimization and IRM.

The will be the 5th ITS&E. Other ITS&E events were held in 2015, 2017, 2018, 2019. Attendance for ITS&E event ranges between 250 to 500 people.

 

The NITSIG will be holding the ITS&E on March 4, 2025, at the Johns Hopkins University Applied Physics Laboratory (JHU-APL, Laurel, Maryland), in the Kossiakoff Center. The event starts at 8AM and ends at 5PM. Registration information is located further down this page.

 


SYMPOSIUM OVERVIEW
The NITSIG has lined up another group of outstanding speakers for this event, that have real word experience in managing or supporting IRM Programs. The confirmed speakers can be found further down this page. The speaker agenda is being finalized.

This years ITS&E is being enhanced to better support the attendees of this event. In addition to our speakers, the ITS&E will feature a panel of experts that will discuss a variety of IRM topics.

 

 

The ITS&E Will Provide Attendees With The In-Depth Knowledge That Is Critical For An IRM Program In The Following Areas And More

  • Guidance on the Legal Considerations for an IRM Program

  • Guidance on how to gain buy-in from the CEO and key stakeholders to support and enhance the IRM Program

  • Guidance on how to identify your organizations existing IRM capabilities / security foundations and the additional security investments ($$$) needed for a comprehensive IRM Program

  • Guidance on how to identify, prevent and mitigate the risks and threats caused by malicious / disgruntled employees that can be very costly and damaging

  • Guidance on how to develop, manage, evaluate and optimize an IRM Program that is comprehensive, and goes beyond compliance regulations such as National Insider Threat Policy and NIPSOM Conforming Change 2

  • Guidance on understanding the many underlying and interconnected components that are critical for a holistic and robust IRM Program

  • Guidance on understanding how to approach IRM from a Strategic, Operational and Tactical perspective

  • Guidance on evaluating your organizations existing Insider Threat Detection capabilities for computer systems and networks

  • Guidance on understanding how artificial intelligence (AI) can be used for indentifying insider risks and threats, to create a holistic / whole person profile that will better enable an organizations ability to prevent or mitigate harmful actions by employees
     

The ITS&E brings together individuals from the U.S. Government, Department Of Defense, Defense Contractors, Intelligence Agencies, Law Enforcement, Critical Infrastructure Providers, Universities, private sector companies and others interested in IRM.

The ITS&E features expert speakers, engaging panel discussions, interactive sessions, vendor technologies and solutions, and networking with IRM practitioners.

 

2025 ITS&E Brochure

 


 

Symposium Speakers

The Following Speakers Will Be Presenting.

 

Larry Knutsen / Retired CIA Insider Threat Program Manager

Topic: IRM Program Development, Management Evaluation & Optimization

  • Mr. Knutsen is a retired Senior Intelligence Service Officer with the Central Intelligence Agency (CIA), with 30 years of service.

  • Mr. Knutsen was responsible for creating the vision, and leading the implementation and management of the CIA's sophisticated Counterintelligence and Security Technical Insider Threat Detection Program, which became recognized as the ‘Gold Standard’ for the U.S. Government and Intelligence Community Agencies.

  • Mr. Knutsen led a CIA team of technical and policy experts, in response to unauthorized disclosure of classified information to WikiLeaks.

  • Mr. Knutsen has supported both commercial and government customers to enhance their IRM Programs.

  • The presentation will discuss the many complexities and interconnected cross departmental components that are needed for a comprehensive IRM Program. (Bio Page 9)


 

Frank Greitzer, PhD / Chief Behavioral Scientist For Cogility Software


Topic:
Advanced Behavioral Analytics For Predictive Insider Threat Mitigation

  • Dr. Greitzer is the Chief Behavioral Scientist at Cogility Software. He is also the Principal Scientist of his consulting company, PsyberAnalytix, which he founded in 2012.
     

  • An internationally recognized researcher in the intersection of social / behavioral sciences and information security / insider threats, Dr. Greitzer has supported the development and deployment of predictive analytic counter-insider threat tools and resources for over twenty years, including the widely used insider threat risk indicator knowledge base, Sociotechnical and Organizational Factors for Insider Threat (SOFIT).
     

  • Dr. Greitzer's previous roles include work as a research psychologist for the US Department of Defense, a human factors and AI researcher in the aerospace industry and he served for twenty years as a Chief Scientist in cognitive informatics at the U.S. Department of Energy’s Pacific Northwest National Laboratory.
     

  • Dr. Greitzer served as editor-in-chief for the inaugural issue Counter-Insider Threat Research and Practice. His contributions to research and practice include numerous journal articles, conference papers, and invited talks.
     

  • The presentation will discuss his research on insider risk indicators and the SOFIT knowledge base, which informs a holistic, unified threat assessment modeling approach that applies advanced concepts for whole-person insider risk mitigation within Cogility's continuous intelligence platform, Cogynt, which integrates artificial intelligence (AI), streaming analytics, and case management to augment IRM decision-making.



Shawn Thompson / Insider Risk Program Performance Management / Legal Expert

Topic: IRM Program Legal Considerations, Program Capabilities & Assessments

  • Mr. Thompson will offer legal insights into IRM, drawing from his experience in DoD and FBI legal affairs.

  • Shawn served in roles as Special Agent, DoD Senior Litigation Attorney, FBI Assistant General Council, and Chairman, Insider Threat Mission Group, Office of the Director of National Intelligence.

  • Mr. Thompson is the CEO of the Insider Threat Management Group, and provides IRM consulting services to Fortune 100 / 500 companies. (Bio Page 8)


 

Todd Masse & Bill Smith / JHU- APL IRM Program

Topic: IRM Program Investigations & Analysis Perspective

  • Mr. Masse and Mr. Smith bring a wealth of knowledge from managing and supporting the IRM Program for JHU-APL.

  • Their presentation will focus on the challenges of managing and investigating insider risks and threats from a programmatic and analytical perspective. (Bio Page 13).

..888.

 


 

Kevin Burton / Vice President, IRM Lead At Synchrony Financial

Topic: IRM Programs From A Banking Perspective

  • Mr. Burton brings his deep expertise in banking and cybersecurity to the IRM landscape.

  • Mr. Burton manages the IRM Program and technical investigations at Synchrony Financial.

  • Mr. Burton was previously the Director of Cyber Insider Threat and Technical Investigations at Capital One.

  • The presentation will focus on the unique challenges and strategies for managing insider risks within the banking sector. (Bio Page 12)


 

Zak Lewis / EchoMark

 

Topic: Insider Threat Leak Detection Tool

  • EchoMark offers a powerful solution using invisible embedded forensic watermarks (Text, Image) that can both deter unauthorized sharing and also trace information wherever it ends up.

  • Whether it’s a forwarded email, a printed document, or a shared file, you can effectively use EchoMark to safeguard your most sensitive data and communications.
     

  • A product overview and demonstration of their revolutionary new product will be provided.


 

Cyber Security & Infrastructure Security Agency (CISA)

Topic: Insider Threats In The Critical Infrastructure

  • William Brown and Chris Brogger from CISA will discuss the evolving landscape of insider threats within the various critical infrastructure sectors.

  • Their session will highlight the vulnerabilities and mitigation strategies that are essential for protecting the U.S critical infrastructure from insider risks and threats.

 


 

Navy Insider Threat Program

Topic: Overview Of The Navy Insider Threat Program - From Vision To Implementation

  • Mr. Jack Summe currently serves as the Director of Naval Intelligence Security and Insider Threat (N7) within the Naval Intelligence Activity (NIA). He is responsible for the development, promulgation and implementation of Navy Special Security policy, the Navy Insider Threat Program, and the effective maintenance of Navy Background Investigation processes.
     

  • He serves as the principal advisor to the Deputy Chief of Naval Operations for Information Warfare on all Insider Threat programmatic matters. He was appointed as a Navy Defense Intelligence Senior Level (DISL) in January 2009.
     

  • Mr. Summe served as the Senior Advisor to the Deputy Assistant Secretary of Defense for Cyber Policy. Mr. Summe was responsible for the development of DoD Cyber Policy and activities focused on providing for the cybersecurity of the Defense Industrial Base and U.S. critical infrastructure. In this role, Mr. Summe worked closely with the National Security Staff, Department of Homeland Security, U.S. Cyber Command, and the National Security Agency. Mr. Summe also served as the Assistant Director of Naval Intelligence for Strategic Engagement. In this role, he led Naval Intelligence Communications, Navy Foreign Liaison, Legislative Affairs, and Intel Community policy.
     

  • Prior to Mr. Summe’s appointment as a DISL, he led a distinguished 30-year career in the U.S. Army, serving in various command and staff positions within the Military Police, Psychological Operations and Information Operations career fields.


Topic: Lines Of Operation And Mission Areas Of The Navy Insider Threat Program To Prevent, Detect, Deter And Mitigate Potential & Malicious Insider Threats

  • Ms. Deidra Bass, former Navy Veteran, currently serves as the Director of the Naval Intelligence Insider Threat Program (NIA N72) within the Naval Intelligence Activity (NIA).

  • Ms. Bass is responsible for the direction, governance, operations and resourcing of the Navy Insider Threat Program (InTP), to include the effective operations of the Policy and Resourcing Staff, Navy Analytical Hub, User Activity Monitoring (UAM), Random Polygraph Program for Privilege Users, and Strategic Communications and Engagement. In addition, she serves as an advisor to the Deputy Chief of Naval Operations for Information Warfare and to the Deputy Director of Naval Intelligence and Assistant Director of Naval Intelligence (DDNI/ADDNI) on all Insider Threat operational and programmatic matters.
     

  • Ms. Bass served as the Naval Intelligence (NAVINTEL) Chief Information Security Officer (CISO) responsible for the cybersecurity posture of over 800+ afloat, submarine, and ashore systems. In this role she directly supported the NAVINTEL Chief Information Officer (CIO). Ms. Bass has also served as the Chief of Naval Operations Staff OPNAV N2N6Q4 Intelligence Enablers Portfolio Resource Sponsor with programmatic resource sponsorship for over 33+ programs ensuring the health, wholeness, and proper funding to meet U.S. Navy mission requirements.

 

 



Department Of Defense Insider Threat Management Analysis Center (DITMAC)
 

Brannon Niesent & Melissa Tignor


Topic: Data & Key Performance Indicators (KPIs) / Behavioral Indicators

 

The Presentation:

 

1) Will present an overview of the DITMAC and discuss the development of internal KPIs.
 

2) Highlight the enterprise services of the DITMAC and the methodology involved in measuring and reporting success for identifying, preventing and mitigating Insider Threats.

 

3) Discuss some of the common behavioral indicators and trends within the DoD.

 

 



Discussion Panel

In addition to our speakers, the ITS&E will feature a panel of experts that will discuss a variety of IRM topics.

This panel will be interactive allowing the audience to ask questions of the panel members, regarding the many critical components and complexities that are involved with an IRM Program.

 

This panel is composed of NITSIG Advisory Board Members, who have extensive experience managing and supporting IRM Programs for the U.S. Government, DoD, Intelligence Community Agencies, Defense Contractors, Universities and private sector companies.

 


 

EXPO OVERVIEW

The Expo will provide attendees with visibility into proven technologies and services (Currently Used By The U.S. Government / Private Sector) for IRM. If you want to learn more about Employee User Activity Monitoring / Behavioral Analytical Tools, this is the event. 

 

Vendors

Would your company be interested in exhibiting at the expo?

 

This is a very important event for your company to showcase its solutions, services and expertise in mitigating Insider risks and threats.

 

This is also a great opportunity to collaborate with attendees on finding out their interests, needs and challenges related IRM.

 

If your company is interested in exhibiting at this event, and has questions, please contact Jim Henderson via email; jimhenderson@nationalinsiderthreatsig.org , or call; 561-809-6800.

 

Vendor Brochure

Vendor Registration

 

Vendors will be listed below as they register for the expo.
 


 

REGISTRATION

Early Bird Registration Until January 30, 2025
$69


Regular Price January 11 Till February 25
$99

 

The Cost Will Include:

Continental Breakfast (Bagels, Pastries, Muffins, Fruits, Coffee)

Lunch (Assortment Of Sandwiches, Chips, Cookie, Water, Refreshments)

Free Parking

Free Wi-fi

Please Note

  • You must be a U.S. Citizen to attend this event. A valid Drivers License or U.S. Government issued ID is required at the door.

  • The event IS NOT open to the News Media.

  • Attendees will be eligible to earn 8 Continuing Professional Education (CPE) Credits to go toward your security certification CPE requirements.

Cancellations / Refunds
All cancellations must be received via e-mail 15 days prior to this event. Please send an e-mail to jimhenderson@nationalinsiderthreatsig.org to cancel your registration.

Attendee Substitutions
All substitutions must be received via e-mail 7 business days prior to this event. Please send an email with your full name and organization, and the name, email and position title of the individual who be attending in your place.
Emergency last minute substitutions will be processed at the event registration check-in.  Please send substitute information to: jimhenderson@nationalinsiderthreatsig.org

 

 

LOCATION INFORMATION
Johns Hopkins University - Applied Physics Laboratory (JHU-APL) Kossikoff Center
11100 Johns Hopkins Road, Laurel, Maryland, 20723-6099

Directions To JHU-APL
JHU-APL Campus Map / Parking Locations
 

 

HOTEL ACCOMMODATIONS
Hotel Next Door To JHU-APL
Homewood Suites By Hilton
7531 Montpelier Rd, Laurel, MD 20723
Phone: 240-360-2725
https://www.hilton.com/en/hotels/balcmhw-homewood-suites-columbia-laurel

 


 

VENDORS EXHIBITING

 


 

COGILITY SOFTWARE - COUNTER-INSIDER THREAT MANAGEMENT PLATFORM

Cogility’s Counter-Insider Threat (C-InT) provides a whole person approach to detect, prevent, and mitigate insider threats.

 

Cogility continuously monitors and analyzes both technical and behavioral potential risk indicators (PRIs) at machine-speed to identify insider threats with full explainability.

 

Combining flexible data ingestion, advanced behavioral analytics, no code risk modeling, and end-to-end case management - Cogility modernizes C-InT programs to help organizations more efficiently and effectively respond to and avoid incidents.

 

More Information
https://cogility.com/counter-insider-threat-intelligence/

 


 

INSIDER THREAT DEFENSE GROUP
The Insider Threat Defense Group (ITDG) is the premier provider of  Insider Risk Management (IRM)  Program Training and Consulting Services.


The ITDG Has Provided IRM Program Training / Consulting Services To An Impressive List Of 700+ Clients:

White House, U.S. Government Agencies, Department Of Homeland Security, TSA, Department Of Defense (U.S. Army, Navy, Air Force & Space Force, Marines) Intelligence Community (DIA, NSA, NGA) FBI, U.S. Secret Service, DEA, Law Enforcement, Critical Infrastructure Providers, Universities, Fortune 100 / 500 companies and others; Microsoft Corporation, Walmart, Home Depot, Nike, Tesla Automotive Company, Dell Technologies, Nationwide Insurance, Discovery Channel, United Parcel Service, FedEx Custom Critical, Visa, Capital One Bank, BB&T Bank, HSBC Bank, American Express, Equifax, TransUnion, JetBlue Airways, Delta Airlines, Royal Canadian Mounted Police and many more. (Full Client Listing)

Over 1000+ Individuals Have Attended ITDG Training Courses And Received Certificates / Credentials As A:

  • Insider Threat Program Manager

  • Insider Risk Program Manager

  • Insider Risk Management Program Evaluator & Optimization Specialist

  • Insider Threat Investigator & Analyst

Our client satisfactions levels are in the exceptional range. We encourage you to read the feedback from our clients.

 

More Information
www.insiderthreatdefensegroup.com

 


 

ECHOMARK INSIDER THREAT LEAK DETECTION TOOL

EchoMark offers a powerful solution that can detect leaks by forensically watermarking documents, images, and emails.

 

EchoMark uses a variety of invisible watermarking techniques to individualize content for each viewer, ensuring that you can trace leaks as soon as they happen.

Detailed analytics let you know when each recipient viewed your file and where they spent the most time. Revoke access if you have any concerns.

Whether information was leaked via email, printout, or photo, EchoMark provides an invisible solution using steganography to find the source within minutes. Advanced features like natural language versioning and computer vision detection help further ensure tracking success. (More Information) (Try For Free) (Demo)
 

More Information
www.echomark.com

 


 

LEXISNEXIS SPECIAL SERVICES, INC.

LexisNexis Special Services Inc. (LNSSI) was founded to help government agencies create actionable intelligence and deliver data-driven decisions. We deliver a comprehensive suite of solutions to arm government agencies with superior data, technology, and analytics to support mission success. We are committed to innovation and continue to bring new solutions to our government partners to solve some of the most pressing challenges facing our nation.

 

More Information
www.risk.lexisnexis.com/le

 

 


 

ACALVIO

Acalvio is the leader in autonomous cyber deception technologies, arming enterprises against sophisticated cyber threats, including APTs, insider threats, and ransomware. Its AI-powered Active Defense Platform, backed by 25 patents, enables advanced threat defense across IT, OT, and Cloud environments. Additionally, the Identity Threat Detection and Response (ITDR) solutions with Honeytokens enable Zero Trust security models. Based in Silicon Valley, Acalvio serves midsize to Fortune 500 companies and government agencies, offering flexible deployment from Cloud, on-premises, or through managed service providers.

 

More Information
www.acalvio.com

 


 

For the most up to date information on the ITS&E, please send an e-mail to: jimhenderson@nationalinsiderthreatsig.org

and you will be added to the distribution list for the NITSIG and ITS&E

 


 

Copyright © 2019 - National Insider Threat Special Interest Group ™ - All Rights Reserved - Legal Notice

 

U