Day 1 - Wednesday, November 10, 2021

10:00
Chairperson Opening Remarks
10:15
Keynote Address

Robert Rohrer
Director, National Insider Threat Task Force
Office of the Director of National Intelligence

10:45

CCPA, GDPR AND EMPLOYEE MONITORING IN PRACTICE

Balancing Insider Threats and Employee Privacy: How Far You Can Go in Monitoring Employee Work, Activity and Access on Company Systems and Personal Devices

Seth Eichenholtz
Head of Insider Threat Risk Management
Mastercard

Christine Maury Panis
EVP, General Counsel and Security
Viaccess Orca (Orange Group)

Jennifer Archie
Partner
Latham & Watkins LLP

  • Breaking down the framework and compliance requirements for employee privacy mandated by the California Consumer Privacy Act (CCPA) and GDPR
  • Legal implications and challenges of conducting background checks, employee monitoring and data collection
  • Modification and compliance recommendations for insider threat programs
  • Building a transparent insider threat program that builds trust with employees, and meets state and federal compliance requirements

11:30
1:1 Networking
11:45
Morning Break
12:00

VENDORS, PARTNERS, CONTRACTORS AND SUBCONTRACTORS

Detecting Insider Threats from the Outside: The Biggest Pitfalls to Avoid for Third Party Due Diligence and Audits

MJ Thomas
Director of Security
General Dynamics - Bath Iron Works

Waqas Shahid
Senior Managing Director
Ankura

Karen Plonty
Chief Security Officer
Momentus

  • Performing corporate due diligence and risk assessments on a third-party vendor
  • Treating business partners, contractors, and subcontractors with the same level of scrutiny as regular employees
  • Performing regular audits of third-party vendors’ compliance with cybersecurity standards and enforcing access management and activity monitoring
  • Devising a plan for detecting and responding to a third-party related security breach in a timely fashion

12:45
Insider Threats from Outside of the Office: Mitigating Emerging Risks and Unknowns of Remote and Hybrid Work Arrangements

Gerald Caron
Chief Information Officer and Assistant Inspector General for Information Technology
U.S. Department of Health and Human Services

Christopher Pimentel
Insider Threat Detection Program Manager
Google

  • Creating total network visibility into attack points and conducting remote employee risk assessments
  • Training workforces on proper prevention techniques to detect and defend against phishing and social engineering attacks
  • Incentivizing positive behaviors by enabling employees to own their careers, such as with training opportunities and professional development
  • Monitoring employees’ personal device use and outgoing enterprise data transfer patterns
  • Cultivating a culture of compliance and accountability across your organization

1:30
Lunch
2:00
Keynote Address on Unique Challenges Posed by Insider Threats to the Tech Industry
2:30
Machine Learning in Action: Automating Insider Threat Detection Systems and Reducing False Alarms

  • Using user behavior and entity (UBE) datasets to improve accuracy of the detection systems
  • Deploying data from user profiles and behavioral models to optimize baselines
  • Setting rules and actions that are triggered in case of a security breach to proactively prevent threats and alert admins

3:15
Afternoon Break
3:30
How Resilient is Your Program? Testing and Bolstering Insider Threat Programs Through Risk Assessments, Red Teaming and Data Loss Prevention (DLP) Tools

Mohsen Azari
Senior InfoSec Cyber Security Manager
Walmart

  • Using red teams to test security protocols against unpredictable events
  • Performing risk assessments to evaluate existing capabilities to prevent, detect and respond to insider threats
  • Ensuring DLP solutions monitor employee behavior and protect the most critical data assets

4:15
Best Practices for a Multidisciplinary Approach to Insider Threat Management: How HR, Legal, Compliance and Security Are Working Together

Christopher von Zwehl
SVP/ Rx Security Expert
Scripps Safe

Jessica Nall
Partner, Litigation & Government Enforcement
Baker McKenzie LLP

Larkin Ryder
Product Security
Slack

  • Creating insider threat programs that adopt cross-functional departmental cooperation to identify and mitigate insider threats swiftly
  • Identifying the roles and duties of each department in the event of an insider incident
  • Creating a work culture of shared responsibility that rewards cooperation

5:00
Chairperson’s Closing Remarks