Because of the COVID Pandemic, the Insider Threat Symposium & Expo (ITS&E) event that was scheduled to be held on October 1, 2020, at the Johns Hopkins University Applied Physics Laboratory, in Laurel, Maryland, was cancelled.

ITS&E events were not held between 2020 - 2023 because of COVID, and also in 2024 because of the availability of the JHU-APL Kossiakoff Center. The ITS&E events will be resuming in 2025.

If you manage or support an Insider Threat Program / Insider Risk Management Program and would be interested in speaking at next years event, please contact Jim Henderson via e-mail: or at 561-809-6800.




2019 U.S.



Sponsored By Veriato

Global Leader In Employee Monitoring Software



Cost: $30.00
Includes: Complimentary Lite Breakfast & Lunch Voucher For JHU-APL Cafeteria,

Free Parking.

(More Info Below)


Insider Threat Symposium & Expo Overview

The NITSIG is excited to announce that it will hold a 1 day Insider Threat Symposium & Expo (ITS&E) on September 10, 2019, at the Johns Hopkins University - Applied Physics Laboratory, in Laurel, Maryland

This will be the 4th annual ITS&E that the NITSIG has held.


The ITS&E is recognized as the Go To Event for in-depth real world guidance from Insider Threat Program Managers, with Hands On Experience.


Some of the many great comments that were provided to the NITSIG about past ITS&E events, were the outstanding speakers and the large selection of vendors that were on display. Attendee comments are listed further down on this page.


The ITS&E is a must attend event for individuals working for the U.S. Government, State Governments, Department of Defense, Intelligence Community Agencies, Critical Infrastructure Providers, Defense Contractors, Airport / Aviation Security, Space Craft Manufacturing / Launch Providers, Banking-Finance Industry, Health Care Industry, Chemical Industry, and other large and small businesses.


The NITSIG has lined up another group of outstanding speakers for this event. The confirmed speakers can be found below.

Symposium Overview

The Symposium Will Provide Attendees With Guidance From Expert Speakers On:


  • Developing, Managing or Enhancing an Insider Threat Program


  • In-depth strategies for employee threat identification and mitigation


  • Understanding the many underlying and interconnected components required for a robust Insider Threat Program


  • Gathering and analyzing various data Sources to create an accurate employee snapshot to identify potential or actual Insider Threats


  • Insider Threat Detection Tools / Employee User Activity Monitoring


  • And Much More.......


What Knowledge Will You Take Away From The Symposium?
Attendees will leave the symposium with an in-depth understanding of how to develop, implement, manage or enhance an Insider Threat Program, and have the in-depth knowledge for gathering, analyzing and correlating data sources to detect and mitigate Insider Threat risks.


The ITS&E will provide attendees with access to a large network of security professionals for collaborating with on all aspects of Insider Threat Mitigation.


The ITS&E is also very well suited for any organization or business that is not required to implement an Insider Threat Program, but is concerned with employee threat identification and mitigation.


The NITSIG has complied some Eye Opening reports, surveys and incidents that should be of concern to all CEO's and security professionals.




Symposium Speakers

The following speakers will be presenting.


2019 ITS&E Agenda



Defense Intelligence Agency
Robert Carpenter
Chief, Insider Threat Division

Presentation Title
Building Upon The National Insider Threat Task Force Standards

Presentation Abstract
The Defense Intelligence Agency has a well-established Insider Threat Program that has played a major role in helping identify, understand and respond to anomalous workforce behaviors that are indicative of potential insider threats. This program has experienced a number of changes since its inception during 2009, and these changes were aimed at better addressing the dynamic problem set that the insider threat creates. Mr. Carpenter will share insights about the Defense Intelligence Agency’ Insider Threat Program, including its strategy moving forward.

Mr. Carpenter leads the Defense Intelligence Agency’s Insider Threat Hub. Through four Deputies, he oversees a number of activities that include Detection and Analysis, Case Management Council, Mitigation Panels, Unique Risk Reviews, Continuous Evaluation Data Triage, and Systems Engineering.

Mr. Carpenter joined the DIA during 2004 following his retirement from the US Army as a Counterintelligence Officer after twenty-two years’ service. Upon joining DIA, he served in several leadership and management positions within the Office of Security, Office of Counterintelligence, and Office of Facilities and Services. These assignments included rotations with DoD’s Office of Military Commissions, and the Federal Bureau of Investigations. Mr. Carpenter holds a MS in Information Management, and a MA in Business and Organizational Security Management. He has completed the National Defense University’s Advance Management Program and the Federal Executive Institute’s Leadership in a Democratic Society program. Mr. Carpenter earned the DoD Chief Information Officer Certificate, Chief Information Officer Certification in Federal Executive Competencies, and the NSTISSI 4011 Information System Security Professional.



U.S. Department Of Homeland Security / Cybersecurity & Infrastructure Security Agency
Daniel Abreu
Deputy Associate Director For Security Programs

Presentation Title
Securing Critical Infrastructure From Insider Threats

Presentation Abstract

The Cybersecurity and Infrastructure Security Agency (CISA) partners with industry and government to understand and manage risk to the Nation's critical infrastructure. One of the risks that CISA supports its partners in mitigating is insider threat. Given the inherent institutional knowledge, insiders have the ability to significantly disrupt operations if proper mitigating measures are not in place. CISA provides organizations with capabilities that support their efforts in mitigating this risk. Daniel will provide an overview of CISA and the resources it makes available free of cost to public and private sector partners to mitigate insider threats.





Naval Information Warfare Center Atlantic

Lead Functional Architect & Senior Technical Advisor
Navy Insider Threat Program

Presentation Title
Counter Insider Threat Strategy: Engineer The Insider Threat Program, Not The Tools

Presentation Abstract
Almost every day I get e-mail touting the latest innovations for counter Insider Threat tools. Big data analysis, user activity monitoring, enterprise data aggregation, security information and event management, and more. Yes, there are a lot of great tools out there, but what do you need? What is your operational concept? What are you protecting? How big is  your enterprise? How big is your staff? What technical expertise do you have available?

This presentation will provide a systematic approach to engineering and architecting your Insider Threat Program so you can select the tools that fit your organization and operational concept.

David T. Lang is a retired Air Force counterintelligence and counterespionage Special Agent with a master’s degree in information systems and professional certifications in systems engineering, enterprise risk, information security, IT systems audit, and program management. He currently works as the Senior Technical Advisor and Lead Functional Architect for the U.S. Navy’s Insider Threat Program.



DoD Insider Threat Management & Analysis Center

Dr. Gallagher Senior Behavioral Science Advisor


Presentation Title
User Activity Monitoring Results In The Department of Defense: Trends & Response


Presentation Abstract
This presentation will explore how the Department of Defense (DoD) has responded to Executive Order 13587 and National Insider Threat Task Force (NITTF) Minimum Standards requirement to establish user activity monitoring on its networks. It will detail the insider threat trends that have emerged thus far from those monitoring activities. Finally, it will discuss how the DoD is adapting to better address these trending threats now and in the future.


Dr. Gallagher of the Guardian Defense Group, has extensive experience training and consulting about the human side of Insider Threat, Violence and Espionage. As a Clinical / Operational Psychologist, former military Intelligence Officer, and Former Federal Special Agent, he has had the opportunity to study and apply his knowledge of human dynamics in a wide array of contexts.

Dr. Gallagher supports a contract with the DoD Insider Threat Management and Analysis Center (DITMAC) as the Senior Behavioral Science Advisor. In this role he consults on the most concerning and high profile Insider Threat cases for civilian, military and contract personnel across all 44 of the Department of Defense component organizations. Dr. Gallagher serves as the Scientific Director to National Insider Threat Special Interest Group.



Patrick Knight
Senior Director Cyber Strategy & Product Management


Presentation Title
Troll Farms: Converting Insiders To Insider Threats


Presentation Abstract
Troll farms have become a commercial service for entities to affect public sentiment and incite unrest through sophisticated disinformation and psychological operations tactics for the modern era. Successes can be measured by affecting the actions of only a few of the targeted individuals. Combined with targeted campaigns via social media to sow anti-government sentiment and other activist emotions, trusted insiders could be turned into the next major insider threat


Patrick Knight is the Senior Director of Cyber Strategy and Product Management at Veriato, an innovator in actionable user behavior analytics and a global leader in insider threat protection helping organizations protect critical data from threats by trusted insiders. For over 17 years at companies like McAfee, Intel and Cylance, his cyber security career has helped enterprises protect against online threats through the development of anti-malware, network intrusion detection, computer and network forensics and encryption technologies. He is a writer and speaker on topics of cyber security and privacy in multiple forums including Virus Bulletin and the NITSIG. He is a 12-year veteran of the U.S. Intelligence Community and the United States Army in the fields of Signals Intelligence and Cryptanalysis and a Russian and Serbo-Croatian Linguist.




Dell Technologies
Tim Kirkham
Director Of Global Security Investigations & Insider Risk

Presentation Title
Insider Risk Management At The Corporate Level

Presentation Abstract
Lessons Learned From Developing Insider Threat Programs In Fortune 100 Companies

Tim Kirkham is a retired supervisory special agent from the FBI and a former city police officer. Tim has extensive overseas experience and served in several countries as an accredited US Diplomat. Tim retired in 2015 and accepted a position at Fortune 100 Company to create and implement a holistic Insider Threat Program. After successfully building the program, Tim accepted an offer from another Fortune 100 company to do it all over again.



Courtney Healey
Insider Threat Program Manager

Presentation Title
Adapting & Evolving: Lessons Learned From Changing Security Landscapes  

Presentation Abstract
Whether you are building an Insider Threat Program or have one long-standing, there are consistent challenges in collecting the information and support you need to be successful. While there is no silver bullet that works for every organization, we would like to share both successes and failures we have had with organizational structure, data, tools, and executive support.

Ms. Courtney Healey has been with Equifax for nearly 3 years. Prior to joining Equifax, she served as an Intelligence Analyst in the Federal Bureau of Investigation (FBI). She holds a Masters in Public Policy with emphasis in National Security.



Jon Mark Harrington, CFE
Director, Global Insider Threat & Data Loss Prevention Program
Cyber Threat and Intelligence
Global Technology-Information Security


Presentation Title
Winning Hearts & Minds: Countering Insider Threats Goes Beyond InfoSec


Presentation Abstract

Building and then honing an industry-leading Insider Threat Program involves more than high-tech information security tools. It takes close relationships, buy-in, and actual participation from other key company components as well as senior executives.


If one transitions from the government, and is new to the private sector, the environment can seem very different. Where should one begin? One approach involves engaging the tactical, operational and strategic levels, simultaneously. In doing so, there are several do’s and don’ts about which to be mindful. For example, a do - maintain a consistent message - have a message - on all three levels; a don’t – maintain a matter-of-fact demeanor, especially with senior executives. There are many competing priorities - making money or feeling more like a family than a corporation.


The Insider Threat Professional must formulate their security strategy by sincerely considering these competing priorities and using them to win the hearts and minds of key individuals who will facilitate the program’s success.


Mr. Mark Harrington is a retired Air Force Human Intelligence Officer with a master’s degree in international relations, an executive master’s certificate in business administration, and a professional certificate as a fraud evaluator. While in uniform, in addition to serving at all levels of command, he also represented the Secretary and Chief of Staff of the Air Force as a military diplomat in Brazil. Following retirement, he remained in government service as a lead evaluator with the Department of Defense Office of Inspector General. He currently works as Director of the Global Insider Threat & Data Loss Prevention Program at TransUnion in Chicago.


Oracle National Security Group
Patrick Sack
Chief Technologist Officer (CTO)


Presentation Title
Protecting Cloud Data From Insider Threats

Presentation Abstract
As we’ve seen in recent major Cloud breaches, the insider threat (employees, ex-employees, etc) can lead to catastrophic data loss for banks, government, and other institutions. Predicting and monitoring a malicious insider’s “authorized” activity on data is extremely difficult, yet paramount. We will explore the attack vectors insiders have on data in the cloud and the unique protections needed to secure it.

Patrick Sack is CTO of the Oracle National Security Group and patent holder for 10+ security patents, some of which are implemented in the IC, Civilian, DoD, and organizations globally. Patrick has been in the IT industry over 34 years designing, developing, innovating and delivering secure information systems that are core to the customer’s mission. He has been involved with Information Security over 30 years and leads efforts to secure data in Oracle technologies such as Cloud, Database, Big Data, 5G, Java, IOT, Blockchain, AI/ML/Analytics, Hardware and Multi-level Security.

Patrick specializes in Oracle's Information Assurance solutions and has been instrumental in driving new security technologies, features and solutions for customers, such as Database Vault for insider threat and security compliance. He is the primary architect and founder of many of the advanced security capabilities available in the Oracle database product offerings, including Oracle Database Vault, Oracle Audit Vault, Oracle Label Security, Fine-Grained auditing, SQL Capture, Real Application Security and Privileged Analytics. In addition to his U.S. patents with Oracle Corporation in the information security, he has contributed too many books on Oracle security and a Co-Authors of the book, Applied Oracle Security.



Penn State University Homeland Security Program
Nicholas Eftimiades
Assistant Teaching Professor, Homeland Security Program 


Presentation Title
Chinese Economic Espionage: Insider Threats & Operational Methods


Presentation Abstract
American industry is poorly prepared to contend with the insider threat stemming from China's whole of society approach to economic espionage, theft of intellectual property, technology, and trade secrets. This briefing presents findings on insider threats, their targets, motivations, and operational tradecraft. Conclusions are drawn from analyzing a data set of 447 cases of Chinese espionage. China’s intelligence activities targeting the US industry are conducted by a wide range of organizations including state-owned enterprises, private companies, individuals, and some universities, as well as the country’s intelligence services. The targets of China’s espionage correlate to the priority technologies identified in core government strategies, suggesting a centrally directed but distributed ‘whole of society’ approach to intelligence activity. The level of espionage tradecraft ranges from quite poor to professional, even within organizations; cyber espionage is the exception, showing standardized techniques and practices. The views expressed in this briefing do not reflect Penn State University or the U.S. Government.

Nicholas Eftimiades is an assistant teaching professor in the Penn State Homeland Security Program. He recently retired from a 34 year government career that included employment in CIA as a Technical Operations Officer, Special Agent in the US Department of State, Bureau of Diplomatic Security, and a Senior Intelligence Officer in Defense Intelligence Agency.

Mr. Eftimiades held positions in analysis, human and technical intelligence collection, and program management. Eftimiades' book Chinese Intelligence Operations is an examination of the structure, operations, and methodology of China's intelligence services. The book received worldwide recognition as the premier scholarly work in the field. He has since published numerous papers and articles on the subject.

Eftimiades testified before Congress and appeared on CBS Evening News, Dateline NBC, ABC's Day One, BBC, National Public Radio, and has been quoted in dozens of other television and radio broadcasts.



Expo Overview

The Expo will provide attendees with visibility into proven technologies and services (Currently Used By The U.S. Government / Private Sector) for Insider Threat detection, and mitigation. If you want to see Employee User Activity Monitoring / Behavioral Analytical Tool demonstrations, this is the event. 




Would your company be interested in exhibiting at this event / expo? This is a very important event for your company to showcase its commitment and expertise in mitigating Insider Threats risks, but also your company's products and services as well. Additionally, you will have a great opportunity to collaborate with attendees on finding out their interests, needs and challenges related to Insider Threat Mitigation.


If your company is interested in exhibiting at this event, please contact Jim Henderson via email; , or call; 561-809-6800


Vendors will be listed below as they register for the expo.


The Insider Threat Defense Group (ITDG) has become the Leading Company for Insider Threat Program Development / Management Training and Insider Threat Mitigation Services. We provide a broad portfolio of training and services to potential clients, that will address Insider Threat Risks with a cost effective, comprehensive and holistic approach.

The ITDG has provided training and services to an impressive list of 550+ clients (In Over 14 U.S. States); U.S. Government Agencies (Department of Defense, Intelligence Community), Defense Contractors, Defense Security Service, Critical Infrastructure Providers, Fortune 500 Companies, Aviation / Airline Industry, Spacecraft Manufacturing- Launch Providers, Technology Companies, Banking - Financial Industry, Health Care Industry, and other large-small businesses and global corporations. Client Listing

Over 700+ individuals have attended our training and received ITP Program Manager Certificates.

Our student satisfactions levels are in the exceptional range. We encourage you to read the feedback from our students. Student Comments


Due to the high number of requests, the Insider Threat Defense Group will be offering deeply discounted ITP Development - Management Training, the day before (September 9) the ITS&E.  (Cost: $695.00 - Normal Pricing: $1295.00) Don't let the discounted pricing fool you. This training is the most comprehensive and resourceful Insider Threat Mitigation training available.

This training will be held at the Johns Hopkins University - Applied Physics Laboratory, in Laurel, Maryland, in the Kossikoff Center training rooms.
There is LIMITED SEATING for this training. (52 Seats Available)

Training Brochure


More Information


Veriato is an innovator in Insider Threat Detection and a global leader in Employee Monitoring Software. Driven by AI, more than 42,000 companies and government entities worldwide utilize Veriato to gain unmatched insight into the User Activity occurring on their network. Veriato’s product line includes the Veriato Cerebral, Veriato Investigator and Veriato RansomSafe.

More Information



Whether federal, state or local agency, public safety or educational organization, TransUnion’s suite of mission-critical solutions provides the public sector with vital information and an unmatched combination of credit and non-credit data to help ensure citizen safety, manage compliance and boost services for constituents served. Our comprehensive and unique sets of credit, criminal and public data, coupled with flexible analytics, help agencies detect and prevent cyber fraud, and make connections between people, businesses, assets and locations.

Our experience has given us a deep understanding of the challenges facing your organization, your service requirements, and the factors that impact your daily operations.

More Information



Dtex provides organizations across the globe with the complete, user-focused visibility needed to strengthen enterprise security posture and effectively manage insider threats. Dtex’s Modern User Activity Monitoring combines high-fidelity user activity data with machine learning and advanced analytics to pinpoint anomalies in real time, elevate areas of risk, generate actionable insights, and provide answers quickly. Collecting only the lightweight data needed to identify risky behaviors, Dtex can be deployed and scaled quickly with no impact on network, endpoint or human performance and without impeding user privacy.

More Information




Mitigating insider threats takes a lot more than just correlating network data. It requires the ability to analyze 'whole-person' behavior — rapidly, continuously and at scale.

Our Haystax For Insider Threat solution was designed from the ground up to:

  • Continuously assesses the trustworthiness of individuals, not just user activity on networks and devices like conventional machine-learning or rules-based solutions.

  • Uses a probabilistic model that analyzes evidence from a wide array of data sources to prioritize risk rather than generate excessive false-positive alerts that overwhelm analysts.

  • Provides a user interface that mirrors current analyst terminologies and workflows.

  • Includes a connector framework that makes it easy to integrate data and existing detection systems quickly.

Top federal government agencies and large commercial enterprises, as well as state and local public-safety organizations, rely on Haystax for more effective protection of their critical systems, data, facilities and people. A U.S. defense agency has called Haystax for Insider Threat the "only known system for prioritizing personnel according to positive and negative nodes of trust."

More Information




AC Global Risk (ACGR) is a Silicon Valley-based technology company that developed Remote Risk Assessment (RRA®) to uncover human risk across the commercial and government markets. RRA’s capabilities are the output of 10 years of development, 2-year market evaluation, countless customer trials, and formal validation.

Remote Risk Assessment (RRA®) is a sophisticated system that uses unique voice analytics processes to evaluate and quantify distinct characteristics of the human voice related to risk. RRA is a highly accurate, automated, high-throughput risk assessment technology that has been vetted by military and commercial customers.


  • RRA takes under 10 minutes - over the phone, remote team, or on-prem

  • Light touch with simple YES / NO responses to 3-6 automated questions - no PII is required

  • Works in any language - already used in English, Spanish, Pashto, Farsi, Tagalog, and Somali

  • 97.62% accurate on latest validation

  • Used for HR screening, counter green-on-blue, counterintelligence, insider threat mitigation, fraud / incident / loss investigations, 3rd party audits, and IP protection.

More Information



Capgemini’s Arena ITI™ provides organizations of any size with proactive identification of potential insider threat activity, built on industry-leading experience in counterintelligence.

Arena ITI™ is an award-winning solution that takes a holistic approach to detecting insider threats. Arena ITI™ assesses both the employees’ cyber footprint and their non-IT behaviors in a single platform to produce earlier and more accurate insider threat detection by:

  • Ingesting intelligence from company and third-party data sources

  • Aggregating data through predefined risk models and scoring

  • Drilling down for advanced analysis, further investigation and reporting

Arena ITI™ is an important part of an Insider Threat program, it provides context and insight for security teams to focus their limited resources on assessing the behaviors of high-risk individuals and intervening prior to the occurrence of a hostile event.

A comprehensive insider risk program requires people, processes, and tools, acting collectively to achieve the greatest benefit and return on investment. Capgemini also provides Insider Risk Assessments and Insider Risk Program Development.

More Information




Jazz Networks simplifies insider threat detection and breach prevention with machine learning and a fully-customizable policy engine. The platform automates employee training the instant they make a mistake, applies policies while data is in motion to prevent data loss, and provides the fastest threat hunting and forensic capabilities for investigations.


More Information




MathCraft Security Technologies is the leading provider of innovative software for today’s security professionals. As a trusted partner within the industrial security community, we work with government and corporate organizations of all sizes to streamline operations, maximizing both productivity and efficiency.

MathCraft’s robust product lines are compliant with Defense Security Service (DSS) and NISPOM requirements for cleared contracts and enterprises. Our solutions are carefully engineered to improve security and compliance processes, giving Facility Security Officers (FSOs) and employees the comprehensive tools that they need to manage data, monitor visitors, and automate workflows. For ultimate convenience, they are also available on-premises or via a FedRAMP-approved cloud platform.

Access Commander® is our industrial security management software for FSOs who need to govern and organize their security efforts while staying compliant.

ViSi Commander™ is the application that allows FSOs to manage visitors across cleared facilities and streamline the check-in/out process.

Portal Commander™ is our automated, self-service security portal for employees, line managers, FSOs, and CSOs who require improvements, consistencies and accountabilities in security processes. The Business Process Management (BPM) edition includes a workflow engine that allows you to optimize your security processes like never before.


With MathCraft’s powerful lines of industrial security applications, organizations can manage their classified facilities, personnel clearances, foreign travel, classified visits, incidents, insider threats, classified contracts, classified documents, badges, training, and more in one place, within applications that make compliance inherent and systemic. Our products save time, reduce costs, and minimize risks for those who stand on the front lines, safeguarding our nation’s most sensitive information and infrastructure.

More Information
703-729-9022 / Ext. 803



Securonix redefines the next generation of security monitoring. Securonix Next-Gen SIEM uses big data architecture to provide unlimited scalability and data retention on a non-proprietary open platform. It leverages machine learning and behavior analytics to detect the most advanced cyber threats.

The solution comes packaged with out-of-the-box content for insider threats, cyber threats, cloud threats, and fraud. It also comes with Securonix Spotter, which supports text-based search, ad-hoc reporting, link analysis, and threat hunting capabilities across massive data sets. Securonix provides incident orchestration and response capabilities with built-in incident response playbooks and case management.

The Securonix solution is available in the cloud as a fully-managed SaaS platform. Securonix is SOC2 certified and supports complete SIEM functionality in the cloud with minimal operational overhead.

More Information



SolarWinds® provides powerful and affordable IT management software to customers worldwide from enterprises of all sizes to virtually every civilian agency and branch of the US Military. We focus exclusively on IT Pros and strive to eliminate the complexity that they have been forced to accept. SolarWinds delivers on this commitment with unexpected simplicity through products that are easy to find, buy, use and maintain while providing the power to address any IT management problem.

More Information



Oracle is a leader in security and top provider of 5G, Cloud (DaaS, SaaS, PaaS, Iaas), Java, Data technologies, HCM/ERP/CRM, AI/ML, Emerging technologies, Hardware, and much more.

Oracle technologies specificslly help reduce the insider threat access to highly sensitive data with technologies such as Gen 2 Cloud, Transparent Database Encryption, Key Vault, Database Vault, Audit Vault, Database Firewall, and the Cloud Access Security Broker (CASB).

Oracle enterprise Hardware and Cloud have been selected by Insider Threat and Security Operations Centers at large agencies to run 3rd party COTS software. Oracle hardware is selected for its low cost, high performance, and resiliency in the InT/SOC use case.

More Information



Code42 is the leader in data loss protection. Native to the cloud, the Code42 Next-Gen Data Loss Protection solution rapidly detects insider threats, helps satisfy regulatory compliance requirements and speeds incident response — all without lengthy deployments, complex policy management or blocking user productivity. Because the solution collects and indexes every version of every file, it offers total visibility and recovery of data — wherever it lives and moves. Security, IT and compliance professionals can protect endpoint and cloud data from loss, leak and theft while maintaining an open and collaborative culture for employees. Backed by security best practices and control requirements, Code42 Next-Gen Data Loss Protection preserves files for compliance and can be configured for GDPR, HIPAA, PCI and other regulatory frameworks.

More than 50,000 organizations worldwide, including the most recognized brands in business and education, rely on Code42 to safeguard their ideas. Founded in 2001, the company is headquartered in Minneapolis, Minnesota, and backed by Accel Partners, JMI Equity, NEA and Split Rock Partners.

More Information
Read Code42’s Blog / Follow Us on Twitter



Cyberhaven rapidly detects and eliminates data incidents caused by insider threats. Cyberhaven reduces the cost of data breaches by rapidly detecting and investigating insider threats. It provides instant visibility into data flows across endpoints, servers, email and SaaS, significantly reducing the amount of time to contain a breach.

More Information




Splunk drives fast, confident decisions to solve DoD’s toughest challenges and ensure mission success. Its massively scalable analytics platform leverages data from any source or format – satellites, mobile devices, servers, weapons systems and more. It delivers real-time situational awareness and insights that optimize assets and operational capabilities, accelerating mission execution.


More Information



ObserveIT, the leader in Insider Threat Management, delivers comprehensive visibility into user and data activity providing security organizations with a powerful tool for protecting employees and valuable assets while saving time and resources. With more than 1,900 global customers across all major verticals, ObserveIT empowers security teams to proactively detect Insider Threats, streamline the investigation process and enable rapid response.


More Information



Yakabod’s CISOBox and Yakabox software provide secure software for insider threat case management, file sharing and other business processes. The company’s products provide insider threat teams with efficient, productive, repeatable business processes for managing, tracking and documenting insider threat investigations, as well as for communicating with investigation teams and stakeholders. Built on technology created for, certified (Under NIST RMF) by and used in U.S. Federal Intelligence Agencies, Yakabod’s solutions provide comprehensive security to protect sensitive, high stakes insider threat case data from both external and internal threats and to minimize the risk associated with improper access to or disclosure of sensitive insider threat information.

More Information



Location / Registration

Johns Hopkins University - Applied Physics Laboratory (JHU-APL)
Kossikoff Center
11100 Johns Hopkins Road
(Turn Right Off Of Johns Hopkins Road Onto Pond Road - See Map Under Parking Information Below)
Laurel, MD 20723-6099

More Information For JHU-APL


Lodging  -  Hotels Near JHU-PL
DoubleTree by Hilton Hotel Laurel (7.1 Miles)
Courtyard by Marriott Silver Spring North / White Oak, Maryland (8.8 Miles)
SpringHill Suites By Marriott / Columbia, Maryland (5.0 Miles)
JHU-APL Visitor Guide   (See Page 8 For Hotels)



NITSIG ITSE JHU-APL Laurel, Maryland Map








Includes: Complimentary Lite Breakfast & Lunch Voucher For JHU-APL Cafeteria

Due to increased costs to host this event, the NITSIG will be charging a small fee to attend this event (Open To Non-NITSIG Members)



Limited # Of Tickets (500)

Registration Link


Attendee Substitutions
All substitutions must be received no later than 7 business days prior to the start of this event. Please send an email with your full name and organization, and the name, email and position title of the individual who be attending in your place. Please send substitute information to:

Substitutions made after this date will be processed at the event registration check-in.



Food / Beverages


Complimentary fresh baked morning muffins, danish and bagels. Served with regular and low-fat cream cheese, butter and jam.

Complimentary coffee, decaf coffee, hot tea, dispensers of ice water


$10.00 coupon provided to attendees to use at JHU-APL Cafeteria. This will cover most lunches.

Lunch is also available at surrounding food establishments.



Complimentary coffee, decaf coffee, hot tea, dispensers of ice water




Complementary WiFi will be provided.



For the most up to date information on the ITS&E, please send an e-mail to:

and you will be added to the distribution list for the NITSIG and ITS&E



Comments From Past ITS&E Events


I would like to take the time to thank you for the NITSIG Insider Threat Symposium that I attended last week. I am fortunate enough to be able to attend security conferences regularly and I have to tell you, this was one of the most informative and relevant that I have attended in years. The speakers were informative and there was a wide variety of subject matter that I really enjoyed.

Heidi Mullane
Assistant Facility Security Officer
WorldWide Language Resources, LLC

I really enjoyed the conference last week and assisting with Registration. The Speakers that you had were awesome. Thanks again for hosting this event for the community.

Ernie R. Fedewa Jr.
InCadence Strategic Solutions Corp
Security & Compliance Director


The Symposium and Expo was excellent. It was great to hear all the speakers and I took away loads of information from each.

Renee Kinney
Booz | Allen | Hamilton

I really enjoyed the Insider Threat Symposium yesterday. You had great speakers presenting and there was a lot of valuable information shared. I look forward to the next symposium.

Stacey Abrey
Security Representative
Thales Defense & Security, Inc.

I wanted to thank you for your efforts to put on a great symposium today. I did get a chance to take in some great briefs, talk to some vendors about some really interesting products and do a lot of good networking. So, I would call that a big success. Please put me on the mailing list for future products and gatherings that NITSIG is a part of.

Patrick Thacker
Jacobian Enterises, LLC
Owner, Chief Insider Threat & Risk Management SME

Your inaugural conference was a clear success judging by the significant number of attendees who stayed until the very last hour. Steven McIntosh’s presentation was wonderfully organized and addressed many of the underlying issues associated with implementing Insider Threat Programs. Ron Ross (NIST), DeWayne Sharp (FBI), Greg Pannoni and Kathleen Branch also garnered good feedback, as did Mike Caimonao of Boeing. Lastly, you clearly hit a home run with Kurt Stammberger’s presentation of Norse’s insight into the Sony breach.

Cindy Faith
Cyber Security / Business Development Consultant


You must be a U.S. Citizen to attend this event. A valid Drivers License or U.S. Government issued ID is required at the door.



News Media
The event IS NOT open to the News Media.



Continuing Professional Education Credits

Attendees will be eligible to earn 8 Continuing Professional Education (CPE) Credits to go toward your security certification CPE requirements.



NITSIG Membership
For more information on becoming a NITSIG Member (No Cost), please see the link below:


Please send any questions about this event via email to;

Or call; 561-809-6800




Copyright © 2019 - National Insider Threat Special Interest Group ™ - All Rights Reserved - Legal Notice