EARN CLE CREDITS
FORUM ON
INSIDER THREAT RISK MANAGEMENT November 10, 2021 (EST) • Virtual Conference
Critical Updates from: Robert Rohrer Director, National Insider Threat Task Force Office of the Director of National Intelligence Gerald Caron Chief Information Officer U.S. Department of Health and Human Services
Benchmark with Leading Experts From: • Mastercard • Google • Microsoft • Zoom Video Communications • John Hopkins Applied Physics Laboratory • Scripps Safe • Viaccess Orca (Orange Group)
Insider incidents have increased by 47% in the past two years. There has never been a more critical time to stay on top of emerging security, compliance and liability risks. Join key stakeholders to discuss critical, high stakes challenges coming across your desk, including:
Angle-Right CCPA, GDPR and Employee Monitoring in Practice: Balancing security and privacy law limits
Angle-Right Detecting Insider Threats from the Outside: The Biggest Pitfalls to Avoid for Third Party Due Diligence and Audits
Angle-Right Remote and Hybrid Work Arrangements: The Newest Best Practices for Mitigating Emerging Risks and Unknowns
Angle-Right Automating Insider Threat Detection Systems and Reducing False Alarms Through Machine Learning
COMPLIMENTARY WEBINAR: Emerging Insider Threats – Oct. 6, 2021 (see page 3 for details)
Associate Sponsor:
AmericanConference.com/InsiderThreat • 888 224 2480
Angle-Right Best Practices for a Multidisciplinary Approach to Security: HR, Legal, Compliance and Security Working Together to Mitigate Insider Threats
a C5 Group Company Business Information in a Global Context
Real world insider threat cases: Amazon fired a number of employees after they shared customer email address and phone numbers with a third-party in violation of their policies. – Tech Crunch (January 2020) Workers increasingly steal company data during ‘turnover tsunami’. Rise in insider threats comes as disgruntled employees quit in record numbers as lockdowns ease. – Financial Times (2021) A former Cisco engineer has been sentenced to 24 months behind bars after causing millions of dollars in damages and losses for his former employer. – Infosecurity Magazine (December 2020) Twitter hackers trick employees by posing as IT workers, NY probe finds. – Fox Business (October 2020) Former Google exec sentenced to 18 months for stealing self-driving car secrets. – The Verge (August 2020) Pentagon Plans to Track Social Media to Identify Insider Threats. – Bloomberg Law (2021)
CONFERENCE CHAIR
SPEAKER FACULTY INCLUDES
Michael Adams Chief Counsel to COO and CISO Zoom Video Communications MJ Thomas Director of Security General Dynamics - Bath Iron Works
GOVERNMENT SPEAKERS Gerald Caron Chief Information Officer and Assistant Inspector General for Information Technology U.S. Department of Health and Human Services Robert Rohrer Director, National Insider Threat Task Force Office of the Director of National Intelligence
2 | #ACIinsiderthreat
Jennifer Archie Partner Latham & Watkins LLP
Jessica Nall Partner, Litigation & Government Enforcement Baker McKenzie LLP
Mohsen Azari Senior InfoSec Cyber Security Manager Walmart
Christopher Pimentel Insider Threat Detection Program Manager Google
Seth Eichenholtz Head of Insider Threat Risk Management Mastercard
Karen Plonty Chief Security Officer Momentus
Thora Johnson Partner Orrick, Herrington & Sutcliffe LLP
Larkin Ryder Product Security
Christine Maury Panis EVP, General Counsel and Security Viaccess Orca (Orange Group) Leonard Moss Chief Security Officer, Security Services Department Head John Hopkins Applied Physics Laboratory
twitter: @ACI_IntTrade linkedin: ACI: Legal
Slack
Waqas Shahid Senior Managing Director Ankura
Christopher von Zwehl SVP/ Rx Security Expert Scripps Safe
R A T EN R IM INA L P EB M CO W
Y
EMERGING INSIDER THREATS: How Industry is Revisiting Risk Management and Incident Response CALENDAR-ALT OCTOBER 6TH, 2021 1:00 p.m. – 2:00 p.m. EDT
Insider incidents have risen 47% in the past two years. A survey by Cybersecurity Insiders showed that 68% of organizations feel moderately to extremely vulnerable to insider attacks. There is an increased awareness and determination in both public and private organizations in hardening their security programs from insider threats.
Miriam Wugmeister Partner Morrison & Foerster LLP
With so much at stake, join us at ACI’s timely, complimentary webinar on the evolving landscape of insider threats, security solutions, legal requirements, enforcement risks, and best practices. Ensure that you are fully up-to-speed on critical developments, including: • The leading causes of insider threats and lessons learned from recent cases • Lessons for strengthening an insider threat security program and staying ahead of the curve • Debunking privacy law myths: Setting the record straight on what you can (and cannot) do in practice • Overcoming the biggest hurdles to sustaining a corporate culture of reporting and breach prevention
James Ammons Senior Associate, Insider Risk Booz Allen
• Managing the increased security risks posed by remote workers • Insider threat awareness training for employees: Taking stock of what works – and what doesn’t
Click here to Register for Free
AmericanConference.com/InsiderThreat • 888 224 2480
a C5 Group Company Business Information in a Global Context
CONFERENCE DAY
November 10 , 2021 (Eastern Standard Time) th
10:00
Chairperson Opening Remarks 10:15
Keynote Address
microphone-alt Robert Rohrer, Director, National Insider Threat Task Force 10:45
CCPA, GDPR AND EMPLOYEE MONITORING IN PRACTICE
Balancing Insider Threats and Employee Privacy: How Far You Can Go in Monitoring Employee Work, Activity and Access on Company Systems and Personal Devices
microphone-alt Seth Eichenholtz, Head of Insider Threat Risk Management, Mastercard Christine Maury Panis, EVP, General Counsel and Security, Viaccess Orca Jennifer Archie, Partner, Latham Watkins • Breaking down the framework and compliance requirements for employee privacy mandated by the California Consumer Privacy ACT (CCPA) and GDPR • Legal implications and challenges of conducting background checks, employee monitoring and data collection • Modification and compliance recommendations for insider threat programs • Building a transparent insider threat program that builds trust with employees, and meets state and federal compliance requirements 11:30 1:1 Networking
Insider Threats from Outside of the Office: Mitigating Emerging Risks and Unknowns of Remote and Hybrid Work Arrangements
microphone-alt Gerald Caron, Chief Information Officer and Assistant Inspector General for Information Technology, U.S. Department of Health and Human Services
Christopher Pimentel, Insider Threat Detection Program Manager, Google • Creating total network visibility into attack points and conducting remote employee risk assessments • Training workforces on proper prevention techniques to detect and defend against phishing and social engineering attacks • Incentivizing positive behaviors by enabling employees to own their careers, such as with training opportunities and professional development. • Monitoring employees’ personal device use and outgoing enterprise data transfer patterns • Cultivating a culture of compliance and accountability across your organization 1:30
Lunch
2:00
KEYNOTE ADDRESS
Unique Challenges Posed by Insider Threats to the Tech Industry 2:30
Machine Learning in Action: Automating Insider Threat Detection Systems and Reducing False Alarms • Using user behavior and entity (UBE) datasets to improve accuracy of the detection systems • Deploying data from user profiles and behavioral models to optimize baselines • Setting rules and actions that are triggered in case of a security breach to proactively prevent threats and alert admins 3:15
Afternoon Break
3:30
How Resilient is Your Program? Testing and Bolstering Insider Threat Programs Through Risk Assessments, Red Teaming and Data Loss Prevention (DLP) Tools
11:45
Morning Break
12:00
VENDORS, PARTNERS, CONTRACTORS AND SUBCONTRACTORS
Detecting Insider Threats from the Outside: The Biggest Pitfalls to Avoid for Third Party Due Diligence and Audits
microphone-alt MJ Thomas, Director of Security at General Dynamics, Bath Iron Works Waqas Shahid, Senior Managing Director, Ankura Karen Plonty, Chief Security Officer, Momentus • Performing corporate due diligence and risk assessments on a third-party vendor • Treating business partners, contractors, and subcontractors with the same level of scrutiny as regular employees • Performing regular audits of third-party vendor’s compliance with cybersecurity standards and enforce access management and activity monitoring • Devising a plan for detecting and responding to a third-party related security breach in a timely fashion
4 | #ACIinsiderthreat
12:45
twitter: @ACI_IntTrade linkedin: ACI: Legal
microphone-alt Mohsen Azari, Senior InfoSec Cyber Security Manager, Walmart • Using red teams to test security protocols against unpredictable events • Performing risk assessments to evaluate existing capabilities to prevent, detect and respond to insider threats • Ensuring DLP solutions monitor employee behavior and protect the most critical data assets 4:15
Best Practices for a Multidisciplinary Approach to Insider Threat Management: How HR, Legal, Compliance and Security Are Working Together
microphone-alt Christopher von Zwehl, SVP/ Rx Security Expert, Scripps Safe Jessica Nall, Partner, Litigation & Government Enforcement, Baker McKenzie LLP Larkin Ryder, Product Security, Slack • Creating insider threat programs that adopts cross-functional departmental cooperation to identify and mitigate insider threats swiftly • Identifying the roles and duties of each department in the event of an insider incident • Creating a work culture of shared responsibility that rewards cooperation 5:00
Chairperson’s Closing Remarks
The Lobby is your starting point… View the Schedule See What is “Happening Now”
FILE-PDF
Access Conference Materials Accreditation Information
HANDSHAKEHANDSHAKE
Map Out Your Virtual Experience. True Interaction from Start to Finish.
Check Out Our Sponsors
Maximize Your Conference Experience
Update your profile
Review your profile, upload a picture and connect your social media accounts to personalize your presence.
Users
View Related Conferences
People tab
You can also engage with other attendees directly. Find a person in the attendee list to send a message and/or an invitation to a video chat.
The Sessions area contains the majority of the conference programming and networking events. CHEVRON-DOUBLE-RIGHT Attend live sessions, ask questions, comment in the chat function, and take part in live polling.
Emma McAdam VP, Government Affairs
Janet Smith VP, General Counsel
The 1:1 Networking is a fast-paced opportunity to meet new people and expand your professional network.
Olivia Thomson Chief Compliance Officer
Polling
Weigh in and seize the opportunity to benchmark with industry peers in real-time.
Luis Santos Director
Ramesh Kumar Partner
Enter this area to be paired up at random with other attendees for a quick video meet-up.
Jean Roux VP, Business Development
KEYNOTE
Patricia Harden Head of Sanctions
Use the Chat feature
to ask questions and engage with fellow attendees, speakers and sponsors.
Miyuki Johnson VP, Manufacturing
Plan to visit the Expo often. It will be open before, during, and after the conference.
Robert Rohrer Director National Insider Threat Task Force
Use this opportunity to explore new products and services from leading providers, and meet with new and existing partners over video chat.
Turn your camera on
for roundtable sessions, networking events and video chats for a more engaging virtual connection.
Make Connections Join scheduled “1:1 Networking” sessions. They are an interactive way to expand your network of peers.
Engage with solution providers of all kinds by visiting the “Expo” to watch videos and live demonstrations, and for face-to-face conversations.
Use the “People” tab to create new relationships and strengthen existing ones within your industry.
3 Ways to Register
ONLINE:
AmericanConference.com/InsiderThreat
PRICING
EMAIL: CustomerService@AmericanConference.com
CONFERENCE CODE:
REGISTRATION CODE:
Register & Pay by October 15, 2021
Register & Pay after October 15, 2021
B00-731-731L22.WEB
$995
$1195
Bringing a Team?
Virtual Conference
PHONE:
1-888-224-2480
All program participants will receive an online link to access the conference materials as part of their registration fee. Additional copies of the Conference Materials available for $199 per copy. To update your contact information and preferences, please visit https://www.AmericanConference.com/preference-center/. Terms & conditions and refund/cancellation policies can be found at AmericanConference.com/company/faq/
3-4
10% Conference Discount*
5+
Call 888-224-2480
731L22.VRT
Special Discount ACI offers financial scholarships for government employees, judges, law students, non-profit entities and others. For more information, please email or call customer service.
*Team/group registrations must be from the same organization/firm and register together in one transaction.
Accreditation will be sought in those jurisdictions
hands-helping BECOME A SPONSOR With conferences in the United States, Europe, Asia Pacific, and Latin America, the C5 Group of Companies: American Conference Institute, The Canadian Institute, and C5 Group, provides a diverse portfolio of conferences, events and roundtables devoted to providing business intelligence to senior decision makers responding to challenges around the world. Don’t miss the opportunity to maximize participation or showcase your organization’s services and talent. For more information please contact us at: SponsorInfo@AmericanConference.com
EARN CLE requested by the registrants which have continuing CREDITS
education requirements. This course is identified as nontransitional for the purposes of CLE accreditation.
ACI certifies this activity has been approved for CLE credit by the New York State Continuing Legal Education Board. ACI certifies this activity has been approved for CLE credit by the State Bar of California. ACI has a dedicated team which processes requests for state approval. Please note that event accreditation varies by state and ACI will make every effort to process your request. For more information on ACI’s CLE process for virtual events visit: www.americanconference.com/accreditation-instructions-for-virtual-attendance/
About us:
The C5 Group, comprising American Conference Institute, The Canadian Institute and C5 in Europe, is a leading global events and business intelligence company. For over 30 years, C5 Group has proVided the opportunities that bring together business leaders, professionals and international experts from around the world to learn, meet, network and make the contacts that create the opportunities. Our conferences and related products connect the power of people with the power of information, a powerful combination for business growth and success.
© American Conference Institute, 2021
Join Our Email List to Stay Connected SIGN UP TO RECEIVE EXCLUSIVE DISCOUNTS, OFFERS AND PROGRAM UPDATES AmericanConference.com/join-our-email-list/