NITSIG MEETING ANNOUNCEMENT FOR
JUNE 18, 2018
The NITSIG would like to invite its members and other security professionals to the next meeting.
Topic Of DiscussionProtecting Controlled Unclassified Information (CUI)
Background On Protecting CUIOn November 4, 2010, the President signed Executive Order 13556, Controlled unclassified Information. The Executive Order established a governmentwide CUI Program to standardize the way the executive branch handles unclassified information that requires protection. It designated the National Archives and Records Administration (NARA) as the Executive Agent to implement the program. The Archivist of the United States delegated these responsibilities to the Information Security Oversight Office.
The requirements for the protection of CUI provide a set of “minimum” security controls for contractor information systems upon which CUI is processed, stored on, or transmitted through contractor’s unclassified networks. These security controls must be implemented at both the contractor and subcontractor levels based on the information security guidance in NIST Special Publication (SP) 800-171: Protecting Controlled Unclassified Information In Non-Federal Information Systems And Organizations.
The CUI protection requirements are intended for use by federal agencies in contractual vehicles or other agreements established between those agencies and nonfederal organizations. Failure to implement the security controls to protect CUI, would be a breach of contract.
For an Insider Threat Program to be robust and effective, it must be built upon an established security foundation within an organization. The NIST SP 800-171 covers many security controls that can support Insider Threat Risk Mitigation.
This meeting is also very well suited for any organization or business that is not required to protect CUI, but is looking to enhance their Information Systems Security Program / Insider Threat Program.
LocationManTechMission, Cyber & Intelligence Group2251 Corporate Park DriveHerndon, Virginia, 201713rd Floor
ParkingParking is available in the garage next to the ManTech building.
Presenation # 1Presentation- Topic Of DiscussionProtecting Controlled Unclassified Information (CUI)
This presenation will provide the attendees with an overview of the CUI Program, its origins, and review the safeguarding elements found in the CUI implementing directive 32 CFR Part 2002.
SpeakerMark RiddleInformation Security Oversight OfficeSenior Program AnalystLead for Controlled Unclassified Information Program Oversight
Presenation # 2Presentation - Topic Of DiscussionGoing Beyond Compliance Requirements For Protecting Controlled Unclassified Information
This presentation will focus on understanding simple techniques that "Malicious Insiders" can use to exfiltrate data and other valuable information from within an organization. These techniques have successfully been used to exfiltrate sensitive business information during Insider Threat Risk Assessments. Understanding the "Malicious Insiders Playbook" of options is critical.
SpeakerJim HendersonNITSIG Founder / ChairmanInsider Threat Program Development / Management Training Course InstructorInsider Threat Analyst, Vulnerability Assessor & Mitigation SpecialistCEO Insider Threat Defense, Inc.Bio
Who Should AttendInsider Threat Program ManagersInsider Threat Program Senior OfficialsFacility Security Officer (FSO) / Assistant FSOContracting OfficersChief Security Officer (CSO)Chief Information Officer (CIO)Chief Information Security Officer (CISO)Cyber Security Program ManagersNetwork Security / IT Security PersonnelInformation System Security Manager / OfficerInformation Assurance Manager / Officer
NITSIG Meetings Website
Interested In Becoming A NITSIG Member?
NoteYou must be a U.S. Citizen to attend this event. A valid Drivers License or U.S. Government issued ID is required at the door.
News MediaAll News Media Representatives MUST BE APPROVED by the NITSIG to attend this event.
Contact Info / QuestionsJim Henderson, CISSP, CCISOFounder / Chairman Of The National Insider Threat Special Interest GroupCEO Insider Threat Defense, Inc.Insider Threat Program Development / Management Training Course InstructorInsider Threat Vulnerability Assessor & Mitigation Specialist888-363-7241 / 561-809-6800www.nationalinsiderthreatsig.org[email protected]www.insiderthreatdefense.us[email protected]
Monday, Jun. 181:00 pm - 4:00 pm