Insider Threat Workshop
5/17/2018 - 5/18/2018 7:00 am - 3:30 pm
JW Marriott Camelback Inn Resort & Spa
5402 East Lincoln Drive
Scottsdale,  AZ  85253
Event Type : Training
Event Code : 880A
This event has been canceled due to low participation. We anticipate another workshop to be scheduled in FY18.
This two-day program is designed to help organizations develop the critical components of an Insider Threat Program using modern analytic techniques and measures.
Learn how to evolve your current security program into a converged management structure that will identify and deter individuals who pose both violent and non-violent threats. Learn the skills and procedures required to identify factors that are critical to shaping a comprehensive Insider Threat Program.
Real case studies are used to show how work behavior can reveal early signs of a potential insider threat, to examine the potential risk indicators and to reveal how organizations can be structured to best detect and deter the insider threat.
- Learn the methodologies that experts use to recruit insiders and individual motivators.
- Examine behavioral risk indicators & identify organizational and situational triggers for
the violent & non-violent insider threat.
- Learn techniques for internal alerting, reporting, collecting, storing, & evaluating data
relevant to insider threat indicators.
- Learn the psychometric approach for designing metrics, how to analyze metrics, &
techniques for re-purposing existing metrics to best fit your organization’s needs.
On October 7, 2011, the President signed Executive Order 13587, “Structural Reforms to
Improve Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information.” Executive Order 13587 directs the heads of agencies that operate or access classified computer networks to have responsibility for appropriately sharing and safeguarding classified information.
In November 2012, the White House issued National Insider Threat Policy and Minimum Standards for Executive Branch Insider Threat Programs. These minimum standards provide the Departments and Agencies with the minimum elements necessary to establish effective insider threat programs. These elements include the designation of a senior official(s); capability to gather; integrate; and centrally analyze and respond to key threat - related information; monitor employee use of classified networks; provide the workforce with insider - threat awareness training; and protect the civil liberties and privacy of all personnel.
Implementation of the National Insider Threat Policy for cleared industry will be outlined in Conforming Change 2 of the National Industrial Security Program Operating Manual
(NISPOM). While not yet issued, the conforming change will outline insider threat
requirements for cleared industry operating under the National Industrial Security Program.
These minimum standards will include:
- Establishing an insider threat program
- Designating an insider threat senior official who is cleared in connection with the facility clearance
- Self-assessments of insider threat programs
- Insider threat training for insider threat program personnel and awareness for employees
- Monitoring network activity
Day 1: Thursday, 17 May
0715-0745 Goals, Objectives, and Introductions
0745-0815 Overview of an Insider Threat Program
0815-0900 Components of an Insider Threat Program
0915-1115 Developing an Operational Strategic Plan and CONOPS
1115-1145 Collaboration and Convergence
1145-1215 The Insider Threat Working Group
1315-1400 Integrated Behavioral Model of the Insider
1400-1515 Performance Metrics and Presentation Guidelines
Day 2: Friday, 18 May
0715-0730 What Did We Learn Yesterday?
0730-0930 Education and Training
0945-1030 Enterprise Security Risk Management
1030-1215 Continuous Monitoring/Evaluation
1315-1415 Team Exercises
1430-1515 Team Exercises
1515-1530 Course Conclusion