NATIONAL INSIDER THREAT SPECIAL INTEREST GROUP - NITSIG

 

HOME   ABOUT US   MEMBERSHIP  CHAPTERS   MEETINGS   PUBLIC SPEAKING

 INSIDER THREAT NEWS E-MAGAZINE

INSIDER THREAT SURVEYS, REPORTS, INCIDENTS

INSIDER THREAT RISK MITIGATION RESOURCES

INSIDER THREAT SYMPOSIUM & EXPO

INSIDER THREAT RISK MITIGATION VENDORS 

SPONSORS   PRESS RELEASES   CONTACT US

 

 

National Insider Threat Special Interest Group - Virginia Chapter

 

Meetings

 

The NITSIG is excited to announce the creation of a Virginia Chapter. The NITSIG greatly appreciates and thanks the ManTech Mission, Cyber & Intelligence Group, in Herndon, Virginia for offering to host NITSIG Virginia Chapter Meetings.

 

The NITSIG would like to invite its members and other security professionals to the next meeting. Non-NITSIG Members may attend.

 

Their is NO CHARGE to attend NITSIG meetings.  Meeting attendees will receive comprehensive guidance and best practices that they can use to establish and manage an Insider Threat Program, to protect their organizations data, information systems, networks and personnel from Insider Threat risks.

 

Date

June 18, 2018

 

Time

9am-12pm

 

Meeting Location

ManTech
Mission, Cyber & Intelligence Group
2251 Corporate Park Drive
Herndon, Virginia, 20171

3rd Floor

 

Parking is available in the garage next to the ManTech building.

 

 

Topic Of Discussion
Protecting Controlled Unclassified Information (CUI)

Background On Protecting CUI
On November 4, 2010, the President signed Executive Order 13556, Controlled Unclassified Information. The Executive Order established a government wide CUI Program to standardize the way the executive branch handles unclassified information that requires protection. It designated the National Archives and Records Administration (NARA) as the Executive Agent to implement the program. The Archivist of the United States delegated these responsibilities to the Information Security Oversight Office.

The requirements for the protection of CUI provide a set of “minimum” security controls for contractor information systems upon which CUI is processed, stored on, or transmitted through. These security controls must be implemented at both the contractor and subcontractor levels based on the information security guidance in NIST Special Publication (SP) 800-171: Protecting Controlled Unclassified Information In Non-Federal Information Systems And Organizations.

The CUI protection requirements are intended for use by federal agencies in contractual vehicles or other agreements established between those agencies and nonfederal organizations. Failure to implement the security controls to protect CUI, would be a breach of contract.

For an Insider Threat Program to be robust and effective, it must be built upon an established security foundation within an organization. The NIST SP 800-171 covers many security controls that can support Insider Threat Risk Mitigation.

This meeting is also very well suited for any organization or business that is not required to protect CUI, but is looking to enhance their Information Systems Security Program / Insider Threat Program.
 

 

Presentation # 1
Presentation - Topic Of Discussion
Protecting Controlled Unclassified Information (CUI)

This presentation will provide the attendees with an overview of the CUI Program, its origins, and review the safeguarding elements found in the CUI implementing directive 32 CFR Part 2002.

Speaker
Mark Riddle
Information Security Oversight Office
Senior Program Analyst
Lead for Controlled Unclassified Information Program Oversight



Presentation # 2
Presentation - Topic Of Discussion
Going Beyond Compliance Requirements For Protecting Controlled Unclassified Information

This presentation will focus on understanding simple techniques that "Malicious Insiders" can use to exfiltrate data and other valuable information from within an organization. These techniques have successfully been used to exfiltrate sensitive business information during Insider Threat Risk Assessments. Understanding the "Malicious Insiders Playbook" of options is critical.

Speaker
Jim Henderson

NITSIG Founder / Chairman

Insider Threat Program Development / Management Training Course Instructor
Insider Threat Analyst, Vulnerability Assessor & Mitigation Specialist
CEO Insider Threat Defense, Inc.
(Bio)

 

Registration

Link To NITSIG Meeting Tickets On Eventbrite:
The cost to attend is FREE. Please visit the link below to reserve your seat at the meeting. Seating is limited to 125 people, so please register early.

Registration Link

 

Attendance Requirements

You must be a U.S. Citizen to attend this event. A valid Drivers License or U.S. Government issued ID is required at the door.

 

News Media
All News Media Representatives MUST BE APPROVED by the NITSIG to attend this event.

 


 

PREVIOUS MEETINGS

 

Date

December 5, 2017

 

Time

9am-12pm

 

 

Speakers / Presentations


Topic
Human Resources Interaction With An Insider Threat Program

Presentation
The presentation will focus on Human Resources interactions and contributions with the Insider Threat Program. The gathering and sharing of employee information is essential for the success of an Insider Threat Program. Equally important is protecting employee's privacy and civil liberties.

 

Download Presentation

Presented By
Davita N. Carpenter, SHRM-SCP
Vice President of Human Resources / Employee Care
Compliance / Ethics Officer
Novetta


Bio
 


 

Topic

Behavioral Indicators Of Insider Threat: Looking Forward

Presentation
This presentation explores the increasing role of behavioral science plays in understanding and mitigating the process by which a trusted insider becomes a malicious actor. The presentation will also cover the current dominant behavioral / psychological model of Insider Threat.
 

Download Presentation


Presented By:
Dr. Robert Gallagher
Senior Behavioral Advisor
DoD Insider Threat Management and Analysis Center (DITMAC)
NITSIG Board Member / Scientific Director

Bio
 


 

Topic
Using Financial And Public Records Data Analytics For Insider Threat Detection

Presented By
Jeffrey Huthn - Transunion

Presentation
This presentation will discuss how utilizing trended financial and public records data analytics can provide investigators with insights into employees’ behavior outside of the workplace and may be indicative of elevated risk to their behavior as it applies to the workplace.

 

Download Presentation

 


 

NITSIG Membership Application

To join the NITSIG you must complete and sign the NITSIG Membership Application. Instructions for e-mailing the application to the NITSIG are in the application. 

NITSIG Membership Application

 

Once the NITSIG receives your application, it will be reviewed for approval. You will receive an e-mail once your application has been approved. Once approved, you will be added to the NITSIG e-mail distribution list for future meeting announcements and other information. A valid photo ID will need to be presented for admittance to NITSIG meetings.

 

NITSIG Chapters

Please contact the NITSIG if you would be interested in establishing a NITSIG Chapter in your area. As a NITSIG Chapter President you will be recognized as a leader and expert dedicated and committed to Insider Threat Risk Mitigation.

 

 

Questions
Please send any questions about this event via email to; info@nationalinsiderthreatsig.org

Or call; 561-809-6800

 

 

Copyright © 2014 - National Insider Threat Special Interest Group ™ - All Rights Reserved - Legal Notice