Premier Sponsor - Veriato
is excited to
that it will hold a 1 day Insider Threat Symposium & Expo ™
on October 19, 2018, at the
Johns Hopkins University - Applied Physics Laboratory, in Laurel,
will be the 3rd Annual Insider Threat Symposium & Expo that the NITSIG
has held. The NITSIG has lined up another group of outstanding speakers
for this event. The confirmed speakers and registration
information can be found below. Please check back as more information
becomes available for this event.
avoid confusion and to clarify the following, the NITSIG is making the
following statement. Another organization, the Defense Strategies
Institute (DSI), is having an Insider Threat Symposium (ITS), on October
15-16, 2018, in Alexandria, VA. The costs to attend the DSI ITS range
from $690 to $1090.
NITSIG IS NOT affiliated with DSI. Some of the same speakers that will
be speaking at the DSI ITS, will be speaking at the NITSIG Insider
Threat Symposium and Expo (ITSE). The cost for the NITSIG ITS&E is only
$25.00. Attendees of the 2015 and 2017 NITSIG ITS&E have stated that the
events had great speakers, provided lots of valuable information and
provided great networking opportunities. Attendee comments can be found
further down this page.
Would You Like
To Be Added To The NITSIG E-Mail Distribution List For
Announcements And Other Information?
Insider Threat Symposium & Expo Overview
Threat Symposium & Expo was created in the wake of past and
Threat Incidents" that have been very
costly and damaging to the U.S. Government and businesses.
The NITSIG has complied some "Eye Opening"
reports, surveys and incidents
that should be of concern to all CEO's
and security professionals.
The NITSIG has lined up
excellent speakers with "Hands On Experience", who are Insider Threat
Risk Mitigation Subject Matter Experts, and
work for the U.S. Government, Defense Contractors and private sector
businesses, managing or supporting Insider Threat Programs. (Speaker Info Below)
Insider Threat Symposium & Expo is a MUST ATTEND event for individuals
working for the U.S. Government, State Governments, Department of
Defense, Intelligence Community Agencies,
Providers, Defense Contractors, Airport / Aviation
Security, Banking-Finance Industry, Health Care Industry, and other large and small businesses.
The Symposium will focus on, and provide guidance on developing,
managing or enhancing an Insider Threat Program (ITP) / ITP Working
Group, ITP Unintended Impacts / Consequences / Challenges, Employee
Threat Identification and Mitigation, Insider Threat Fraud, Employee
User Activity Monitoring, Protecting Controlled Unclassified
Information and more.
Insider Threat Symposium & Expo will provide attendees with access
to a large network of security professionals for collaborating with on
all aspects of Insider Threat Risk Mitigation.
Symposium will also include a panel of industry recognized
Insider Threat Risk Mitigation Experts. These experts will answer questions from
the audience providing "Real World Guidance" for Insider Threat Program
Management and Insider Threat Risk
The Insider Threat Symposium & Expo is also very well suited for
organizations that are not mandated by a compliance requirement to
implement an Insider Threat Program, but are concerned about
employee threat identification and mitigation.
The Expo will provide attendees with visibility into
proven technologies and services for Insider Threat Detection, Mitigation and
Prevention. If you want to see Employee User Activity Monitoring /
Behavioral Analytical Tool demonstrations, this is the event. More
details on vendors below.
Attend? / Target Audience
audience for the Insider Threat Symposium & Expo is for individuals that
manage or support Insider Threat Programs or are involved in Insider
Threat Risk Mitigation.
Insider Threat Program Manager
Insider Threat Program Personnel /
Program Working Group Members
Resources / Personnel Security
Physical Security / Facility Security Officers
C-Suite Management (CEO) / Senior Directors
Level Management / Business Unit Managers
Risk Officer / Risk Management
Information Officer (CIO) / Information Technology (IT) Department
Information Security Officer (CISO)
Security Program Manager
Information Systems Security Manager / Officer
Information Assurance Manager / Officer
Network Security / IT Security / Database Administrators
Security, Education Training And Awareness Professionals
Computer Security Incident Response Team
Contracting Officer (COTR)
/ General Counsel
William R. Evanina
Director, National Counterintelligence and Security Center
The Importance Of Addressing The Insider Threat With An Insider Threat
No matter how good your perimeter defenses are, you must always
contend with the problem of the insider-- malicious or otherwise.
Insider threat actors have a comparative advantage over others in the
arena of critical infrastructure. They have access to facilities,
systems or networks that terrorists and nation-state threat actors
typically do not have. They know how to do damage in nuanced ways, not
just relying on remote-access cyber, but using digital technologies.
Insiders may also be unwitting, compromising information or security
through negligent or lax practices (i.e., clicking on the spear phishing
link). Continually advancing technology enhances malicious insiders’
ability to exploit large quantities of sensitive information. It may be
difficult to stop an insider who is determined to steal, leak, or sell
information. A malicious insider may also put personnel, equipment and
facilities at risk through acts of terrorism, workplace violence, or
sabotage. Holistic Insider Threat Programs—whether in the public or
private sector—are in a much better position to proactively identify
abnormal activity and to minimize potential damage when it occurs. They
are able to identify and analyze anomalous activity, using multiple data
sources, and refer the matter to the proper authority for mitigation
and/or response. Ideally, Insider Threat Programs will get ahead of an
unauthorized disclosure, by closing potential security gaps and/or
identifying personnel who need assistance, before any damage occurs.
Senior Director Of Cyber Strategy And Technology
Assessing Your Insider Threat Program’s Maturity
Just because nearly every organization is aware of insider threats,
they don’t all address the problem in the same way. And yet, there are
industry-recognized best practices that, in total, can be used to
properly establish and maintain an Insider Threat Program. In this
educational session, join Patrick Knight from Veriato, as he uses the
findings from an Insider Threat Program Maturity Model survey to help
Identify just how mature is your organization’s
Spot the common challenges every organization
faces – and learn how to overcome them.
Learn how to mature your program to one that’s
consistently aligned with the needs of your organization.
Patrick Knight is Senior Director of Cyber Strategy and Technology
at Veriato, a leader in actionable User Activity Monitoring and User and
Entity Behavior Analytics helping vital industries across the globe
identify and protect against insider threats.
Mr. Knight spent 12 years in the U.S. Intelligence Community helping to
protect the country. Since 2001 he has worked for major security leaders
developing technologies and guiding online security policies and
innovation including encryption, network intrusion detection and anti-malware
Lead Of The Insider Threat Technical Solutions Team
CERT National Insider Threat Center
A Framework To Effectively Develop Insider Threat Controls
The CERT Insider Threat Center will present a framework for
organizations to consider as they first attempt to identify insider
threats to critical assets and second as they develop, implement and
measure the effectiveness of technical and nontechnical controls and
detection capabilities. Actual incidents of insider harm will be
presented to demonstrate control development using the framework.
Davita N. Carpenter, M.B.A., SHRM-SCP
Vice President, Human Resources / Employee Care
Compliance / Ethics / EEO Officer
Insider Threat Program: Is Human Resources At The Table And Engaged?
The presentation will focus on Human Resources (HR)' level of
engagement and commitment to the Insider Threat Program. The gathering
and sharing of employee information is essential for the success of an
Insider Threat Program. Equally important is protecting employee's
privacy and civil liberties. If you are asking "How can HR be successful
in this role?", this presentation is for you.
Principal For CUI Program Oversight
Information Security Oversight Office
National Archives and Records Administration
Protecting Controlled Unclassified Information (CUI)
Background On Protecting CUI - On November 4, 2010, the President
signed Executive Order 13556, Controlled Unclassified Information. The
Executive Order established a government wide CUI Program to standardize
the way the executive branch handles unclassified information that
requires protection. It designated the National Archives and Records
Administration (NARA) as the Executive Agent to implement the program.
The Archivist of the United States delegated these responsibilities to
the Information Security Oversight Office.
The requirements for the protection of CUI provide a set of “minimum”
security controls for contractor information systems upon which CUI is
processed, stored on, or transmitted through. These security controls
must be implemented at both the contractor and subcontractor levels
based on the information security guidance in NIST Special Publication
(SP) 800-171: Protecting Controlled Unclassified Information In
Non-Federal Information Systems And Organizations.
The CUI protection requirements are intended for use by federal agencies
in contractual vehicles or other agreements established between those
agencies and nonfederal organizations. Failure to implement the security
controls to protect CUI, would be a breach of contract.
For an Insider Threat Program to be robust and effective, it must be
built upon an established security foundation within an organization.
The NIST SP 800-171 covers many security controls that can support
Insider Threat Risk Mitigation.
This presentation will provide the attendees with an overview of the CUI
Program, its origins, and review the safeguarding elements found in the
CUI implementing directive 32 CFR Part 2002.
Mark Riddle is a Senior Program Analyst for the Information Security
Oversight Office (ISOO) at the National Archives and Records
Administration. He serves as Lead for implementation and oversight
activities for the Controlled Unclassified Information (CUI) Program. He
co-authored the National Institute for Standards and Technology Special
Publication 800-171, Protecting Controlled Unclassified Information in
Nonfederal Systems and Organizations (June 2015). This publication
recommends standards for protecting CUI in nonfederal electronic
environments that may be prescribed in agreements between federal and
nonfederal partners. Mr. Riddle consults with Executive branch
departments and agencies, and with industry and other nonfederal
organizations on the structure and implementation of the CUI program,
and its impact on the protection of sensitive information within these
Chief Technology Officer, Digital Transformation
Defense and Intelligence
Conducting User Activity Monitoring With Your Existing Network Infrastructure
The presentation focuses on using your existing network
infrastructure to conduct user activity monitoring. This presentation is
designed for organizations just starting to implement User Activity
Monitoring and Insider Threat Programs within their organizations. It
provides a basis for achieving an initial operating capability until
other tools and infrastructure can be implemented, or allows the
organization to tune their existing tools to achieve a maximum return on
investment if no other tools will be purchased.
Max Alexander serves as the Chief Technology Officer and Director of
Cybersecurity for Aveshka Inc. where he consults with federal and
commercial clients in cyber and information security issues ranging from
digital forensics, incident response, data loss prevention, risk
management, COOP, disaster recovery, and insider threat. He also serves
as a Professor of Digital Forensics at The George Washington University
and the University of Maryland University College where he trains and
mentors future forensicators using his two decades of experience as a
former intelligence officer where he specialized in National Level
Counterintelligence (CI), Human Intelligence (HUMINT), and Signals
Intelligence Collection (SIGINT) at the National Security Agency and the
National Counterintelligence Executive. His educational accomplishments
include certification as a DoD Cyber Crime Investigator and completion
of a Master of Science Degree in Science and Technology Intelligence
from the National Intelligence University, a Master of Engineering (Cybersecurity)
from the George Washington University and Doctorate in Public
Administration from Valdosta State University, where his concentration
is in Science and Technology Policy.
Dr. Liza Briggs
US Marine Corps HQ Intelligence Department
Social Science And Insider Threat: Being The Insider’s Outsider
Social Science perspectives uncover gaps, address unintended impacts
and provide assessment and analytic capabilities that advance Insider
Threat Program objectives. Dr. Briggs will discuss examples of common
dynamics, challenges and tools relevant to Insider Threat Programs,
while highlighting the application of Social Science methods and tools.
Dr. Liza Briggs is a civilian Social Scientist at the U.S. Marine
Corps Headquarters (USMC HQ) Intelligence department (I Dept.) Insider
Threat program (InTP) in Quantico, Virginia. She has over a decade of
experience providing research to support policy makers. Her prior
experience includes work at U.S. Africa Command (AFRICOM), Department of
State (DOS), Broadcast Board of Governors (BBG), National Defense
University (NDU), non-government and private sector entities.
Dr. Briggs holds a Bachelor’s degree in Psychology from James Madison
University, a Master’s degree in Higher Education from Virginia
Polytechnic Institute and State University and a PhD in International
Policy Studies from The University of Maryland- College Park. Dr. Briggs
has conducted research in over 20 countries. She is a native English
speaker and highly proficient in French.
Operations Manager, Office of Security
Office Of The Comptroller Of The Currency
Office of the Comptroller of the Currency (OCC) Insider Threat Program
The Department of Treasury has the main responsibility of
Insider Threat Program monitoring. As a bureau OCC has a responsibility
of employee safety that the Treasury program does not monitor at the
departmental level. Mrs. Smith will discuss examples of OCC
collaboration of the Crisis Management Team approach in dealing with the
security challenges and departmental dynamics when having responsibility
of over 70 sites of across the United States.
Mrs. Smith is the Operations Manager for the Office of Security,
Office of the Comptroller of the Currency (OCC). She has over 18 years’
experience as a Law Enforcement Officer and Agent. She is currently the
Insider Threat Program Liaison between the OCC and The Department of
Mrs. Smith has worked for the Prince William County Police from
1999-2010 where she served as a patrol officer, instructor at the
Academy, detective, and Sergeant. She was a member of the SWAT team and
one of her assignments was undercover in the Vice Narcotics Section as a
member of a Federal Joint Task Force before being recalled to Operation
Iraqi Freedom. Mrs. Smith severed in the Navy and Naval reserve as a
Filed Corpsman for over 20 years, she ultimately retired from the Naval
Reserve in 2009.
In 2011, Mrs. Smith was a Federal Agent assigned to Headquarters,
Department of Homeland Security (DHS), where she worked as the Team Lead
for the Force Protection Branch and assigned as an Investigator for the
Insider Threat Program of DHS. Mrs. Smith has conducted numerous
inquiries into potential Insider Threat cases resulting in a wide range
of disciplinary action.
Mrs. Smith holds an Associates and a Bachelor of Police Science degree
from George Washington University. She also holds a Security
Fundamentals Professional Certification from DOD. Mrs. Smith has taught
Active Shooter Response both from a Law Enforcement and a general
security professional prospective.
Jim Henderson (Bio)
Insider Threat Risk Mitigation Expert
NITSIG Founder / Chairman
CEO Insider Threat Defense, Inc.
President, Exec Security TSCM Services / Patterson Communications, Inc.
Data / Information Using The Malicious Insider Playbook Of Tactics -
Insider Threats Made Easy - James Bond 2018
Is Your Government Agency Or Business Being Bugged With Spy Gear?
The news during the week of August 12, 2018, reported that former
White House employee Omarosa Manigault Newman used a Spy Pen to record
conversations within the White House. Manigault Newman has dodged
questions about how she made her recordings, but current and former
White House staffers are reportedly concerned that she used a pen that
looks like a typical writing tool but can actually record audio.
This presentation / demonstration will focus on understanding simple
techniques and spy gear that "Malicious Insiders" can use to exfiltrate
data and other valuable information from within an organization. These
techniques have successfully been used to exfiltrate sensitive business
information during Insider Threat Risk Assessments. Understanding the
"Malicious Insiders Playbook" of options is critical.
Mr. Patterson specializes in providing electronic privacy protection
through technical surveillance countermeasures (TSCM) inspections,
providing security sweeps for electronic surveillance, listening
devices, and technical cyber threats.
Certified Internal Auditor (CIA)
Certified Fraud Examiner (CFE)
Certified Instructor With The Maryland Police Training Commission For
Fraud Investigation For Law Enforcement
President Of The Maryland Chapter Of The Association of Certified Fraud
Employed At Morgan State University - Responsible For University Wide
Internal Management Auditing And Investigations
Insider Threat Vulnerabilities And Fraud
Vulnerability (ITV) creates a pathway for the opportunist to access
targeted sources of records from an inventory of files arranged into
categories that contain operating footprints of organizational plans
exposing the weaknesses of the internal control environment. An
opportunist will take advantage of these weaknesses.
In all organizations, internal and external threat exposure can result
in fraud and originates with underdeveloped business control practices.
These exposures drive the heartbeat of every organization affecting
hiring, communications, financial management, taxes, procurement, and
physical plant, security, transportation, and food services operations.
Such vulnerabilities weaken financial stability and become insider
threats to the going concern opportunities for business success. A
prescription of internal auditing and fraud assessment may serve
businesses well to minimize the effects of these threats.
INSIDER THREAT DISCUSSION PANEL
The following speakers
from above will be part of the Insider Threat Discussion Panel:
The Expo will provide attendees with visibility into
proven technologies and services (Currently Used By The U.S. Government
/ Private Sector) for Insider Threat Detection, Mitigation and
Prevention. If you want to see Employee User Activity Monitoring /
Behavioral Analytical Tool demonstrations, this is the event.
Some of the many great comments that were provided to the NITSIG about
the 2015 ITS&E, were the outstanding speakers and the large selection of
vendors that were on display. The NITSIG anticipates a large number of
vendors for this event.
Would your company
be interested in exhibiting at this event / expo? This is a very
important event for your company to showcase its commitment and
expertise in mitigating insider threats risks, but also your company's
products and services as well. Additionally, you will have a great
opportunity to collaborate with attendees on finding out their
interests, needs and challenges related to insider threat risk
If your company is interested in exhibiting at this event, please
contact Jim Henderson via
Or call; 561-809-6800
Vendors will be
listed below as they register for the
Insider Threat Defense (ITD) has become the "Leader-Go To
Company" for Insider Threat Program Development / Management Training
and Insider Threat Risk Management Services. We provide a broad
portfolio of training and services to potential clients, that will
address "Insider Threat Risks" with a cost effective, comprehensive and
ITD has provided our training and services to 540+ organizations
and 685+ security professionals working for;
U.S. Government Agencies (Department of Defense, Intelligence
Community), Defense Contractors, NCMS Members / Chapters, Defense
Security Service, Critical Infrastructure Providers, Aviation / Airline
Industry, Spacecraft Manufacturing-Launch Providers, Technology
Companies, Banking - Financial Industry, Health Care Industry, and other
large and small businesses.
ITD is extremely confident that you'll be happy with our training and
services. ITD can say with confidence that our clients are ranking us
#1 compared to the competition.
Veriato is an innovator in actionable User Behavior Analytics and a
global leader in User Activity Monitoring. More than 36,000 companies,
schools, and government entities worldwide utilize Veriato to gain
insight into the user activity on their network and enjoy the security
and productivity increases that come with it. Veriato’s product line
includes the world’s leading employee investigation tool (Veriato
Investigator), award-winning User Behavior Analytics (Veriato Recon) and
enterprise-grade User Activity Monitoring (Veriato 360).
Gemini Data provides a situational awareness platform (Smart
Infrastructure), that transforms data analysis and management with AI.
Gemini Enterprise automates the deployment and ongoing management of big
data platforms like Splunk, Hadoop, and Cloudera, reducing the burden on
teams that rely on these big data platforms every day. Gemini Enterprise
is designed for modern architectures leveraging big data platforms
needing to reduce complexity in the cloud or on premises. Gemini Data
was founded and built by experts from Splunk, ArcSight, and RSE that
understand the value of machine intelligence and security.
Leidos Cyber, Inc is
the commercial cybersecurity division of Leidos. Leidos is a Fortune
500® information technology, engineering, and science solutions and
services leader working to solve the world’s toughest challenges in the
defense, intelligence, homeland security, civil, and health markets. The
company’s 31,000 employees support vital missions for government and
commercial customers. Headquartered in Reston, Virginia, Leidos reported
annual revenues of approximately $10.17 billion for the fiscal year
ended December 29, 2017.
MathCraft Security Technologies is the leading provider of innovative
software for today’s security professionals. As a trusted partner within
the industrial security community, we work with government and corporate
organizations of all sizes to streamline operations, maximizing both
productivity and efficiency.
MathCraft’s robust product lines are compliant with Defense Security
Service (DSS) and NISPOM requirements for cleared contracts and
enterprises. Our solutions are carefully engineered to improve security
and compliance processes, giving Facility Security Officers (FSOs) and
employees the comprehensive tools that they need to manage data, monitor
visitors, and automate workflows. For ultimate convenience, they are
also available on-premises or via a FedRAMP-approved.
EXEC SECURITY TSCM
Exec Security provides Electronic Security Sweeps and Cyber TSCM
services. We specialize in electronic privacy protection through
technical surveillance countermeasures (TSCM), providing security sweeps
for electronic surveillance, listening devices, and technical cyber
Insider threats and corporate espionage often involve advanced technical
devices not considered during typical security and cyber inspections.
Threats can be concealed within existing hardware such as telephone and
communications equipment, or planted in a covert manner such as with
hidden cameras, cellular transmitters, or rogue wifi devices.
Professional TSCM sweeps are needed to ensure that boardrooms, meeting
facilities, research labs, and offices are secure from such intrusion
and information theft.
Exec Security has been providing TSCM sweeps for over twenty years. We
are based in New York but offer services throughout the U.S, and
worldwide. As one of the few professional TSCM providers in the United
States, our goal is to provide the highest standard of technical
services for executive and corporate security.
SIMS Software provides
comprehensive support for your Insider Threat Program. Identify threat
indicators and mitigate risks before you’re compromised.
SIMS Insider Threat capabilities include compliance with NISPOM C2
insider threat requirements, detailed reporting related to foreign
travel/contacts, incidents by quantity and type, access to information
systems and containers/areas and more.
SIMS supports collaboration between functional elements with storage of
insider threat data which can be shared or segregated based on company
Information can be compiled and tracked to identify potential insiders
who meet or exceed thresholds, applied mitigation and compliance
Emails can be used to notify the ITPSO and insider threat working group
regarding personnel requiring further review.
Our experienced security professionals are readily available to schedule
a demo of our products and benefits for your organization.
Dtex helps you understand what your users are doing in your environment
so you can secure your business better. The advanced behavior
intelligence platform is scalable enough to be deployed enterprise-wide
without negative impact to network performance. It gives you complete
visibility into everything your users do on their work devices – on and
off the corporate network – without compromising their privacy. In
addition to the thousands of already known patterns of bad behavior, our
analytics engine quickly establishes baseline individual user patterns
and gives you actionable, contextual alerts when anomalies are found.
With Dtex, you can eliminate insider threats, protect against outside
infiltrators, and find gaps in your existing security.
Dtex is a breed of its own. It is lighter and more visibility-focused
than DLP, cuts through the noise more effectively than SIEM, and bases
its analytics on endpoint visibility that most out-of-the-box UEBA
solutions are blind to. It’s the combination of thorough endpoint
visibility and intelligent, adaptive analytics that is perfectly poised
to fill the gaps and weaknesses of other security systems.
Organizations Deploy Dtex
SolarWinds provides powerful and affordable IT management and
monitoring software to customers worldwide, including nearly every U.S.
civilian agency, DoD branch, and intelligence agency. Our products are
easy to buy, install, use, scale, and maintain, yet still provide the
power to resolve any IT management problem.
Aveshka supports the full cyber range, from advising on policy,
planning, and assessments; to cyber intelligence fusion operations; to
network security operations; to digital forensics; to counteroffensive
operations as well as a resilient systems development life-cycle.
We provide these services to a diverse set of commercial and Federal
customers focused on national security and the nation’s critical
infrastructure, including programs with multiple components of the
Department of Homeland Security (DHS), the U.S. Cyber Command, DISA’s
Joint Service Provider (JSP), as well as other elements of the
intelligence community and the commercial sector.
THE RANGE OF SERVICES AND SOLUTIONS ENTAIL:
Design and Implementation of Tools and Technologies
Training in Detection, Analysis, and Response
Conducting Risk Assessments
Aveshka Cyber Security Brochure
TransUnion finds innovative ways information can be used to help
government make better and smarter decisions. We help uncover trends and
insights behind data points, using historical information and
alternative data sources. Through the power of information, TransUnion
is working with both industry and government partners to build stronger
insider threat programs that help protect our nation’s most important
The Exabeam Security Intelligence Platform provides organizations of
all sizes with end-to-end detection, analytics, and response
capabilities from a single security management and operations platform.
Exabeam SIP includes Exabeam Log Manager, a modern log management
system, built on top of ElasticSearch to provide unlimited data
ingestion at a predictable, cost effective price. Exabeam SIP detects
complex, multi-stage threats using the analytics capabilities of Exabeam
Advanced Analytics; the world's most deployed User and Entity Behavior
Analytics (UEBA) solution. Finally, Exabeam SIP improves incident
response efficiency with Exabeam Incident Responder, an API based
security orchestration and automation solution.
How A Pharmaceutical Company Uses Exabeam To Tackle The Insider Threat
Your biggest asset is also your biggest risk. Whether it is trusted
third parties, privileged users, or business users, people – and the
lack of visibility many security teams have into their actions - pose
the biggest security challenge to organizations. Insiders present a
massive risk because they have been given access to critical
applications, systems and data to do their jobs. With thousands of
global customers across all major verticals, ObserveIT is the only
insider threat management solution that empowers security teams to
detect insider threats, streamline the investigation process, and
prevent data exfiltration.
Digital Guardian is a next generation data protection platform
purpose built to protect your organization’s most valuable asset – your
sensitive data. Digital Guardian’s unique system, data and user
awareness and deep visibility, combined with behavioral analytics,
enables organizations to protect data regardless of the threat or
system. Whether you face malicious or inadvertent actors, Digital
Guardian provides the forensic evidence and the proactive controls to
ensure your data doesn’t leave your organization in an unauthorized
Counterintelligence (CI) Awareness & Operations Security (OPSEC)
The National Security Agency’s (NSA) extensive and innovative security
awareness program uses a multifaceted approach to continuously raise
security, counterintelligence (CI), and Operations Security (OPSEC)
consciousness. To achieve effective and timely security related
education, training, and awareness, NSA’s CI Awareness and OPSEC
organization provides security, CI, and OPSEC briefings; support to
special programs and events; publications to raise awareness; and other
security related products. Our most popular posters along with
brochures, notepads, puzzles, desk tents, and other items will be
available. Let us help you enhance your existing security/OPSEC
awareness program or build a new one.
NSA Security Product Catalog
Forcepoint, a market leader of insider threat solutions, has the
most widely deployed set of insider threat technologies with an
installed base approaching 1 million endpoints, delivering
enterprise-scale user activity monitoring and [behavioral] analytics
investigative professionals trust. Accelerate insider threat mitigation
by identifying irregular behavior around high-value data and providing
context to properly and holistically investigate. No matter where you
are in your Insider Threat Program, Forcepoint can help.
HID Global is the trusted leader in products, services and solutions
related to the creation, management, and use of secure identities for
millions of customers worldwide. Recognized for robust quality and
innovation, HID Global is the supplier of choice for OEMs, integrators,
and developers serving a variety of markets that include physical access
control; IT security, including strong authentication/credential
management; card personalization; visitor management; government ID; and
identification technologies for technologies for a range of
Product Overview Brochure
Approximately 69% of data breaches are caused by insiders, either
due to negligence or malicious intent. Jazz Networks helps protect
against the insider threat by simplifying complexities of unpredictable
human behavior and challenges with navigating enormous amounts of data.
The machine learning-powered platform increases visibility with
sophisticated user behavior analytics (UBA), identifying what’s normal
and alerting on what’s not. With millions of data logs organized
logically, security teams can leverage behavioral context and real-time
actions to enable faster time to resolution.
The unique Platform is comprised of the Jazz Infrastructure and Jazz
Agents. The Jazz Infrastructure, which includes the frontend Graphical
User Interface (GUI) and backend database and associated applications,
can be deployed on premise or in the cloud.
Jazz Agents are then deployed on computers and servers to collect data
and report it back to the Jazz Infrastructure. In an instance of no
network connection, the agent continues to spool events and provides the
information to the infrastructure upon reconnecting.
Network Data Sheet
Technical Surveillance Counter-Measures (TSCM) Services
Oriustm Wi-Fi Directional Finder
ComSec LLC provides
Electronic Eavesdropping Detection Services / Cyber TSCM Services. Our
services detect traditional and cyber eavesdropping devices as well
connectivity issues which can be exploited for eavesdropping purposes.
Our services are also referred to as Security Sweeps, Electronic Counter
Espionage, or TSCM Services. ComSec LLC’s services detect electronic
corporate espionage threats, including those perpetrated by Insider
Threats. We detect electronic eavesdropping devices from the very
complex to spy shop type devices, as well as IMSI catchers, and
Bluetooth, Wi-Fi and Internet of Things (IoT) vulnerabilities. Service
areas include C-Suite offices, boardrooms, new construction, aircraft,
yachts, and executive residences. We also offer contracted proactive
services and in-conference monitoring services.
ComSec LLC is also the exclusive supplier of the ORIUSTM Wi-Fi
Directional Finder, a portable hand-held device engineered to detect and
locate any device transmitting data, video or audio over the Wi-Fi
network. ORIUS™ performs a deep analysis of all the Wi-Fi devices in
scanning range. Devices connected and unconnected to Wi-Fi networks are
passively identified. ORIUS™ detects Wi-Fi Network anomalies and
provides alerts on suspicious activities, new networks appearing,
encrypted networks becoming un-encrypted and access point duplication or
disappearance. ORIUS™ also alerts when targets appear in range and can
expose un-authorized devices on the network, including hidden
surveillance equipment transmitting data over the Wi-Fi network.
ComSec LLC has been providing TSCM/Cyber TSCM services since 2007. We
offer services throughout the USA and globally. ComSec LLC’s services
are commissioned using highly effective proprietary processes, highly
skilled Specialists and the most advanced TSCM/Cyber TSCM available.
Oriustm Wi-Fi Directional Finder
LOCATION / REGISTRATION
Johns Hopkins University - Applied
Physics Laboratory (JHU-APL)
11100 Johns Hopkins Road
Right Off Of Johns Hopkins Road Onto Pond Road-See
Map Under Parking Information Below)
Laurel, MD 20723-6099
JHU-APL Visitor Guide
(See Page 8 For Hotels)
NITSIG ITSE JHU-APL Laurel, Maryland Map
Due to increased costs to
host this event, the NITSIG will be charging a small fee to attend this
(Open To Non-NITSIG Members)
Limited # Of Tickets (500)
substitutions must be received no later than 7 business days prior to
the start of this event. Please send an email with your full name and
organization, and the name, email and position title of the individual
who be attending in your place. Please send substitute information to:
Substitutions made after this date will be processed at the event
Food / Beverages
baked morning muffins, danish and bagels. Served with regular and
low-fat cream cheese, butter and jam.
coffee, decaf coffee, hot tea, dispensers of ice water
$10.00 coupon provided to
attendees to use at JHU-APL Cafeteria. This will cover most lunches.
Lunch is also available at surrounding food
coffee, decaf coffee, hot tea, dispensers of ice water
Complementary WiFi will be provided.
COMMENTS FROM 2015 /2017 INSIDER
THREAT SYMPOSIUM & EXPO
The Symposium and Expo was excellent. It was great to hear all the
speakers and I took away loads of information from each.
Booz | Allen | Hamilton
I really enjoyed the Insider Threat Symposium yesterday. You had great
speakers presenting and there was a lot of valuable information shared.
I look forward to the next symposium.
Thales Defense & Security, Inc.
I wanted to thank you for your efforts to put on a great symposium
today. I did get a chance to take in some great briefs, talk to some
vendors about some really interesting products and do a lot of good
networking. So, I would call that a big success. Please put me on the
mailing list for future products and gatherings that NITSIG is a part
Jacobian Enterises, LLC
Owner, Chief Insider Threat & Risk Management SME
Your inaugural conference was a clear success judging by the significant
number of attendees who stayed until the very last hour. Steven
McIntosh’s presentation was wonderfully organized and addressed many of
the underlying issues associated with implementing Insider Threat
Programs. Ron Ross (NIST), DeWayne Sharp (FBI), Greg Pannoni and
Kathleen Branch also garnered good feedback, as did Mike Caimonao of
Boeing. Lastly, you clearly hit a home run with Kurt Stammberger’s
presentation of Norse’s insight into the Sony breach.
Cyber Security / Business Development Consultant
must be a U.S. Citizen to attend this event. A valid Drivers License or
U.S. Government issued ID is required at the door.
News Media Representatives
MUST BE APPROVED
by the NITSIG to attend this event.
Continuing Professional Education Credits
will be eligible to earn 8 Continuing Professional Education (CPE)
Credits to go toward your security certification CPE requirements.
For more information on becoming a NITSIG Member (No Cost), please see
the link below:
Please send any questions about this event via
Or call; 561-809-6800