ARLINGTON, VA (April 10, 2017) - INSA hosted Unprecedented Counterintelligence Threats: Protecting People, Information, and Assets in the 21st Century, a symposium with government and industry leaders to discuss how the public and private sectors can collaborate more closely to address counterintelligence challenges.
In his keynote address, National Counterintelligence Executive Bill Evanina advocated for a holistic approach to mitigating insider threats, supply chain vulnerabilities, and cyber security that involves both government and industry. Evanina noted the diligent work being undertaken by contractors to mitigate insider threats and protect sensitive information, emphasizing that contractors are an integral part of the trusted, cleared workforce. “We need to quickly, and I will say urgently, eliminate this mindset that the only insider threats are contractors," he said. "It’s not true.”
Following the keynote, INSA members Daniel McGarvey of Alion Science and Technology and Vince Corsi of IBM presented a white paper developed by INSA’s Security Policy Reform Council and its Insider Threat Subcommittee. The report, Assessing the Mind of the Malicious Insider, identified the psychological stressors that drive employees to undertake destructive acts and described the ways in which software tools could identify at-risk employees by analyzing their use of language in emails, social media posts, and other communications.
Subsequent panels addressed best practices in implementing insider threat programs, legal issues pertaining to sharing information regarding personnel security, supply chain security, and the long-term impact of the data breach at the Office of Personnel and Management.
Keynote: Bill Evanina, National Counterintelligence Executive
Mr. Evanina discusses the importance of developing “a whole-of-government approach plus a whole-of-country approach” to mitigating insider threats, including threats to critical infrastructure and the security supply chain, as well as economic espionage. He also touched on the importance of making the American public more aware of the risks presented by counterintelligence operations conducted by U.S. adversaries.
- Bill Evanina, National Counterintelligence Executive, Office of the Director of National Intelligence
Psychology of the Malicious Insider
INSA members Dan McGarvey and Vincent Corsi discuss the psychological traits and stressors that can lead to malicious behavior and propose continuous evaluation methodologies—personality trait detection, stress and emotion detection, and life event detection—that can provide early warning of potentially destructive acts. This was the first public discussion of INSA's white paper on the topic, Assessing the Mind of the Malicious Insider.
- Vincent Corsi, Threat and Fraud Manager, IBM
- Dan McGarvey, Senior Principal Business Analyst, Alion Science & Technology
- Michael Gelles, Managing Director, Deloitte (moderator)
Best Practices in Implementing Insider Threat Programs
Secure and appropriate movement of information about employee behavior is essential to implementing an effective insider threat program, but mismanaged information can degrade workforce trust and morale, as well as cross legal and ethical boundaries. This panel discusses how to collect and share information responsibly as part of an insider threat program, including coordination with human resources and legal departments.
- Wayne Belk, Co-Director, National Counterintelligence and Security Center National Insider Threat Task Force
- Jeffrey Huth, Vice President for Product Strategy, TransUnion Government Information Solutions
- Sandy MacIsaac, Senior Manager, Deloitte
- Michael Seage, Director, Defense Insider Threat Management and Analysis Center
- Doug Thomas, Director, Counterintelligence Operations and Investigations, Lockheed Martin (moderator)
Legal Issues, Insiders, and Security
- Alexander Joel, Chief, Office of Civil Liberties, Privacy, and Transparency, Office of the Director of National Intelligence
- John Martinez, Vice President and General Counsel, Raytheon Intelligence, Information and Services
- David Mayfield, Senior Intelligence and National Security Legal Advisor, Department of the Army, Office of General Counsel
- David Buckley, Managing Director, Federal Advisory - Forensic Leader, KPMG (moderator)
Supply Chain Security: Threats, Solutions, and the Goal of "Delivering Uncompromised"
- Jon Amis, Director, Supply Chain Assurance, Dell
- James Harry, Principal, Public Sector Practice, PwC
- Eric Nelson, Director, Products Group, Boeing
- Bill Stephens, Counterintelligence Director, Defense Security Service
- Harvey Rishikof, Senior Counsel, Crowell & Moring (moderator)
The Long-Term Impact of the OPM Data Breach
- Lou Bladel, Executive Director, Assurance Services, Ernst & Young
- Mary Rose McCaffrey,Vice President for Security, Northrop Grumman
- Charles Phalen, Director, National Background Investigations Bureau
- Dennis Keith, Vice President for Global Security, Harris (moderator)