ISSA-NOVA Chapter Meeting
How to Build an Effective Insider Risk Mitigation Program
Presented by Michael Theis
Chief Engineer for CERT’s National Insider Threat Center, International Speaker, U.S. Army Counter Intelligence
Thursday, December 20, 2018 5:30 PM – Networking & Dinner, 6:00 PM – ISSA-NOVA Program
How to Build an Effective Insider Risk Mitigation Program
Since 2001, the CERT National Insider Threat Center (NITC) has been collecting data on insider incidents that enables it to assist organizations in improving their security posture. NITC has amassed a repository of over 2500 incidents where insiders have caused harm to critical assets. It has developed models of insider incidents describing how incidents tend to evolve overtime. This presentation will provide multiple incident examples, explain technical and behavioral risk indicators, and provide their financial, operational, and health/safety impacts to organizations. Michael Theis will give actionable guidance on how to build an effective insider risk mitigation program.
Michael C. Theis (pronounced Tice), CISSP, uses his 25+ years as a Counterintelligence Supervisory Special Agent supporting the US Intelligence Community along with his extensive engineering experience to aid NITC in developing controls for insider threats. He is the Chief Engineer in the CERT Division for the Software Engineering Institute (SEI) at Carnegie Mellon University. SEI supports the defense of the United States.
Mr. Theis consulted at the Defense Intelligence Agency (DIA), where he developed insider threat management strategies. He has been the Executive Director of Insider Threat Management for Raytheon Oakley Systems. And he was the first ever Cyber-CI Program Manager for the National Reconnaissance Office (NRO), which included detecting and deterring insider threats. As a Senior Intelligence Officer, he developed globally synchronized DoD Strategic CI Campaigns in support of the National Military Strategy of the Joint Chiefs of Staff and the national CI strategy of the Intelligence Community. He is a retired US Army Officer and CI Special Agent who has served in a myriad of positions including overseas operations in hostile areas.
In 2006, Mr. Theis was named one of the Premier 100 IT Leaders in the nation by COMPUTERWORLD Magazine. He is a frequent keynote speaker at government and private sector conferences and has guest lectured at Harvard and MIT about his work in insider threat.
Location: GDIT/CSRA, 15036 Conference Center Drive, Chantilly, VA 20151
https://gdit.com Park in front of the building else behind in the garage. The conference room is on the right.
Registration Link: https://tinyurl.com/issa-nova-2018DEC20
Actual link is https://app.smartsheet.com/b/form/aa21454e8108428aaf48fdee7e630e4c
Related Posts
May 16 @5:30pm – Dr. Gary McGraw on Stacking up the LLM Risks: Applied Machine Learning Security
April 18 @5:30pm – Panel Discussion on Vehicle Security
March 21 @5:30pm – Ann Marie Keim on an overview of the FedRAMP program
February 15 @5:30pm – Inno Eroraha, Netsecurity Corp, CEO on Building Enterprise Cyber Resilient Capabilities
January 18 @5:30pm – Sean Walsh on CNAPP Unleashed: Your Key to Cloud-Native Data Protection
December 14 @5:30pm – Jim Wiggins on Generative Artificial Intelligence in Cybersecurity