[December 2018] How to Build an Effective Insider Risk Mitigation Program by Michael Theis, Chief Engineer for CERT National Insider Threat Center, Intl Speaker, U.S. Army Counter Intelligence

ISSA-NOVA Chapter Meeting

How to Build an Effective Insider Risk Mitigation Program

Presented by   Michael Theis

Chief Engineer for CERT’s National Insider Threat Center, International Speaker, U.S. Army Counter Intelligence

Thursday, December 20, 2018 5:30 PM – Networking & Dinner, 6:00 PM – ISSA-NOVA Program

How to Build an Effective Insider Risk Mitigation Program

Since 2001, the CERT National Insider Threat Center (NITC) has been collecting data on insider incidents that enables it to assist organizations in improving their security posture. NITC has amassed a repository of over 2500 incidents where insiders have caused harm to critical assets. It has developed models of insider incidents describing how incidents tend to evolve overtime. This presentation will provide multiple incident examples, explain technical and behavioral risk indicators, and provide their financial, operational, and health/safety impacts to organizations. Michael Theis will give actionable guidance on how to build an effective insider risk mitigation program.

Michael C. Theis (pronounced Tice), CISSP, uses his 25+ years as a Counterintelligence Supervisory Special Agent supporting the US Intelligence Community along with his extensive engineering experience to aid NITC in developing controls for insider threats. He is the Chief Engineer in the CERT Division for the Software Engineering Institute (SEI) at Carnegie Mellon University. SEI supports the defense of the United States.

Mr. Theis consulted at the Defense Intelligence Agency (DIA), where he developed insider threat management strategies. He has been the Executive Director of Insider Threat Management for Raytheon Oakley Systems. And he was the first ever Cyber-CI Program Manager for the National Reconnaissance Office (NRO), which included detecting and deterring insider threats. As a Senior Intelligence Officer, he developed globally synchronized DoD Strategic CI Campaigns in support of the National Military Strategy of the Joint Chiefs of Staff and the national CI strategy of the Intelligence Community. He is a retired US Army Officer and CI Special Agent who has served in a myriad of positions including overseas operations in hostile areas.

In 2006, Mr. Theis was named one of the Premier 100 IT Leaders in the nation by COMPUTERWORLD Magazine. He is a frequent keynote speaker at government and private sector conferences and has guest lectured at Harvard and MIT about his work in insider threat.

Location: GDIT/CSRA, 15036 Conference Center Drive, Chantilly, VA 20151

https://gdit.com Park in front of the building else behind in the garage. The conference room is on the right.

Registration Link: https://tinyurl.com/issa-nova-2018DEC20

Actual link is https://app.smartsheet.com/b/form/aa21454e8108428aaf48fdee7e630e4c