Insider Threat Workshop

Insider Threat Cyber
  • 2/14/2017 - 2/15/2017
  • NDIA
    2101 Wilson Blvd., Suite 700
    Arlington,  VA  22201
  • Event Type : Training
    Event Code : 780A



This two-day program is designed to help organizations develop the critical components of an Insider Threat Program using modern analytic techniques and measures.

Learn how to evolve your current security program into a converged management structure that will identify and deter individuals who pose both violent and non-violent threats. Learn the skills and procedures required to identify factors that are critical to shaping a comprehensive Insider Threat Program.

Real case studies are used to show how work behavior can reveal early signs of a potential insider threat, to examine the potential risk indicators and to reveal how organizations can be structured to best detect and deter the insider threat.


Learning Objectives:

  • Learn the methodologies that experts use to recruit insiders and individual motivators.
  • Examine behavioral risk indicators & identify organizational and situational triggers for
    the violent & non-violent insider threat.
  • Learn techniques for internal alerting, reporting, collecting, storing, & evaluating data
    relevant to insider threat indicators.
  • Learn the psychometric approach for designing metrics, how to analyze metrics, &
    techniques for re-purposing existing metrics to best fit your organization’s needs.

On October 7, 2011, the President signed Executive Order 13587, “Structural Reforms to
Improve Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information.”  Executive Order 13587 directs the heads of agencies that operate or access classified computer networks to have responsibility for appropriately sharing and safeguarding classified information.

In November 2012, the White House issued National Insider Threat Policy and Minimum Standards for Executive Branch Insider Threat Programs.  These minimum standards provide the Departments and Agencies with the minimum elements necessary to establish effective insider threat programs.  These elements include the designation of a senior official(s); capability to gather; integrate; and centrally analyze and respond to key threat - related information; monitor employee use of classified networks; provide the workforce with insider - threat awareness training; and protect the civil liberties and privacy of all personnel.

Implementation of the National Insider Threat Policy for cleared industry will be outlined in Conforming Change 2 of the National Industrial Security Program Operating Manual
(NISPOM).  While not yet issued, the conforming change will outline insider threat
requirements for cleared industry operating under the National Industrial Security Program.

These minimum standards will include:

  • Establishing an insider threat program
  • Designating an insider threat senior official who is cleared in connection with the facility clearance
  • Self-assessments of insider threat programs
  • Insider threat training for insider threat program personnel and awareness for employees
  • Monitoring network activity


Mr. Terence Rice
(703) 247-9468