Event Details

NITSIG MEETING ANNOUNCEMENT FOR

JUNE 18, 2018

The NITSIG would like to invite its members and other security professionals to the next meeting.

Topic Of Discussion
Protecting Controlled Unclassified Information (CUI)

Background On Protecting CUI
On November 4, 2010, the President signed Executive Order 13556, Controlled unclassified Information. The Executive Order established a governmentwide CUI Program to standardize the way the executive branch handles unclassified information that requires protection. It designated the National Archives and Records Administration (NARA) as the Executive Agent to implement the program. The Archivist of the United States delegated these responsibilities to the Information Security Oversight Office.

The requirements for the protection of CUI provide a set of “minimum” security controls for contractor information systems upon which CUI is processed, stored on, or transmitted through contractor’s unclassified networks. These security controls must be implemented at both the contractor and subcontractor levels based on the information security guidance in NIST Special Publication (SP) 800-171: Protecting Controlled Unclassified Information In Non-Federal Information Systems And Organizations.

The CUI protection requirements are intended for use by federal agencies in contractual vehicles or other agreements established between those agencies and nonfederal organizations. Failure to implement the security controls to protect CUI, would be a breach of contract.

For an Insider Threat Program to be robust and effective, it must be built upon an established security foundation within an organization. The NIST SP 800-171 covers many security controls that can support Insider Threat Risk Mitigation.

This meeting is also very well suited for any organization or business that is not required to protect CUI, but is looking to enhance their Information Systems Security Program / Insider Threat Program.

Time
9AM-12PM

Location
ManTech
Mission, Cyber & Intelligence Group
2251 Corporate Park Drive
Herndon, Virginia, 20171
3rd Floor

Parking
Parking is available in the garage next to the ManTech building.


Presenation # 1
Presentation- Topic Of Discussion
Protecting Controlled Unclassified Information (CUI)

This presenation will provide the attendees with an overview of the CUI Program, its origins, and review the safeguarding elements found in the CUI implementing directive 32 CFR Part 2002.

Speaker
Mark Riddle
Information Security Oversight Office
Senior Program Analyst
Lead for Controlled Unclassified Information Program Oversight

Presenation # 2
Presentation - Topic Of Discussion
Going Beyond Compliance Requirements For Protecting Controlled Unclassified Information

This presentation will focus on understanding simple techniques that "Malicious Insiders" can use to exfiltrate data and other valuable information from within an organization. These techniques have successfully been used to exfiltrate sensitive business information during Insider Threat Risk Assessments. Understanding the "Malicious Insiders Playbook" of options is critical.

Speaker
Jim Henderson
NITSIG Founder / Chairman
Insider Threat Program Development / Management Training Course Instructor
Insider Threat Analyst, Vulnerability Assessor & Mitigation Specialist
CEO Insider Threat Defense, Inc.
Bio

Who Should Attend
Insider Threat Program Managers
Insider Threat Program Senior Officials
Facility Security Officer (FSO) / Assistant FSO
Contracting Officers
Chief Security Officer (CSO)
Chief Information Officer (CIO)
Chief Information Security Officer (CISO)
Cyber Security Program Managers
Network Security / IT Security Personnel
Information System Security Manager / Officer
Information Assurance Manager / Officer

NITSIG Meetings Website

Interested In Becoming A NITSIG Member?

Note
You must be a U.S. Citizen to attend this event. A valid Drivers License or U.S. Government issued ID is required at the door.

News Media
All News Media Representatives MUST BE APPROVED by the NITSIG to attend this event.

Contact Info / Questions
Jim Henderson, CISSP, CCISO
Founder / Chairman Of The National Insider Threat Special Interest Group
CEO Insider Threat Defense, Inc.
Insider Threat Program Development / Management Training Course Instructor
Insider Threat Vulnerability Assessor & Mitigation Specialist
888-363-7241 / 561-809-6800
www.nationalinsiderthreatsig.org
[email protected]
www.insiderthreatdefense.us
[email protected]