Investigating Insider Threats

Investigating Insider Threats
February 9, 2016
Jonathan Gannon, AT&T
Brenda Morris, Booz Allen Hamilton
Benjamin Powell, WilmerHale

Panelist Biographies

Jonathan Gannon, AT&T, Executive Director & Senior Legal Counsel: Jonathan Gannon is an attorney in the legal department of AT&T, where he advises the company's network security group on security matters, including responses to cyber attacks, network design, security policies, and coordination with the private sector and the government. He also advises clients on Executive Branch initiatives and legislative proposals on cybersecurity matters. Prior to joining AT&T, Mr. Gannon worked in the National Security Division at the U.S. Department of Justice, where he assisted in a variety of counterterrorism, counterintelligence, and cyber investigations, and at a law firm in Washington, D.C. He is an adjunct professor at George Washington University and a Certified Information Privacy Professional (CIPP/US). He received his J.D. from Vanderbilt University and his B.A. from the College of the Holy Cross.

Brenda Morris, Booz Allen Hamilton, Deputy General Counsel: Brenda Morris joined Booz Allen Hamilton in January 2013, after 25 years of investigations and courtroom experience as a Federal and State prosecutor. Ms. Morris leads the Investigations Unit within the Law Department, which focuses on internal investigative activity, certain litigation management functions, and protection of Booz Allen Hamilton's proprietary information. The Unit includes experienced attorneys, investigators and legal analysts who investigate potential violations of the Procurement Integrity Act, the Foreign Corrupt Practices Act (FCPA) and other laws relating to contractor integrity, labor time charging issues, inadvertent information exposure and other incidents that could possibly require disclosure to the government, as well as potential violations of Booz Allen Hamilton's core values. The Unit draws upon the expertise of other Law Department practice groups on substantive legal matters and collaborates with other internal compliance functions, including regulatory compliance, information security, internal audit, security services and human resources. Ms. Morris is an experienced litigator, specializing in white-collar fraud investigations. Before joining Booz Allen Hamilton, Ms. Morris served as Special Assistant to the Deputy Assistant Attorney General, and as the Principal Deputy Chief of the Public Integrity Section, Criminal Division, United States Department of Justice. Ms. Morris began her career as an Assistant District Attorney in the New York County District Attorney's Office, under District Attorney Robert Morgenthau. Ms. Morris has received numerous awards and recognition for her work, including the Assistant Attorney General's Award for Insuring Government Integrity, and recognition from the Department of Justice Internal Affairs Unit and the Inspectors General Offices for the Department of State, the Environmental Protection Agency, and the General Services Administration.

Benjamin Powell, WilmerHale, Partner: Benjamin Powell is a partner at WilmerHale, where he co-chairs the firm's Cybersecurity, Privacy and Communications practice group. Mr. Powell is widely recognized as one of the country's top authorities on handling cybersecurity, data breach and related investigation matters. He is a leading attorney in handling complex investigation matters and national security issues, including matters involving the Defense Security Service and the Committee on Foreign Investment in the United States. He has counseled companies and handled sensitive investigations for many of the world's largest companies, including many of the most sensitive cybersecurity and data breach incidents in recent years. He has also represented clients in civil and criminal litigation involving privacy and surveillance issues at the state and federal level. Prior to joining WilmerHale, he was confirmed by the U.S. Senate to serve as General Counsel to the first three Directors of National Intelligence. He also served as Special Assistant to the President and Associate White House Counsel. He served as Law Clerk for Judge John M. Walker, Jr. on the United States Court of Appeals for the Second Circuit, and for Associate (Ret.) Justice Byron R. White and Associate Justice John Paul Stevens on the United States Supreme Court. Mr. Powell also served in the United States Air Force, worked at the Federal Bureau of Investigation, and served as the General Counsel to the Director of National Intelligence. Ben Powell can be contacted at Benjamin.Powell@wilmerhale.com or (202) 663-6770.

Agenda
- Unique Issues Regarding Insider Threat Programs
- Privacy Issues and Considerations
- Attorney-Client Privilege
- Whistleblowers
- Internal Investigations: Best Practices
- Audience Questions & Answers

Unique Issues Regarding Insider Threat Programs
- Classified networks and information
- Lack of clarity regarding regulatory framework
- National Industrial Security Program Operating Manual (NISPOM) Conforming Change #2
- Size and source of data sets
- Potential intrusiveness
- Number of false positives with respect to data

Privacy Issues and Considerations
- Appropriate workforce notification
- Training and onboarding
- Policies and procedures
- Employee consent
- Banners
- User acknowledgements
- Control and use of data
- Handling personal data

Attorney-Client Privilege
- Importance of establishing privilege
- Role of the Office of the General Counsel in overseeing/managing an internal investigation
- Role of outside counsel in conducting an internal investigation
- Employee notification and consent with respect to interviews
- Effects on privilege
- Third-party reporting
  - Defense Security Service
  - Cognizant Security Agency
  - Federal Bureau of Investigation
  - Prime contractor

The Whistleblower Conundrum
- Distinguish whistleblowers from legitimate insider threat actors
- Avoid chilling legitimate whistleblower speech
- Ensure protected activity is not hindered
- Union organizing
- First Amendment considerations

Internal Investigations: Best Practices
- Training and Onboarding
  - Adequately train new employees or those gaining access to classified information and networks
  - Obtain employee consent to monitor data flows
  - Educate employees on insider threats
- Oversight and Accountability
  - Key organizational actors
    - Human Resources
    - Legal/Compliance/Ethics
    - Business
    - C-Suite executives
    - IT Security
  - Escalation within the organization

It is not just the continuous monitoring of employees that matters, but continuous monitoring of your insider threat program to ensure compliance as well.

Internal Investigations: Best Practices (continued)
- Use of data sources and data feeds
- Retention of data
- Social media rules
- Governing law restrictions (e.g., ECPA, FCRA, HIPAA)
- International implications
  - Transferring data overseas
  - Conducting interviews outside the U.S.

Cybersecurity Information Sharing Act of 2015

SEC. 104(a) AUTHORIZATION FOR MONITORING.
(1) IN GENERAL. Notwithstanding any other provision of law, a private entity may, for cybersecurity purposes, monitor:
  (A) an information system of such private entity;
  (B) an information system of another non-federal entity, upon the authorization and written consent of such other entity;
  (C) an information system of a Federal entity, upon the authorization and written consent of an authorized representative of the Federal entity; and
  (D) information that is stored on, processed by, or transiting an information system monitored by the private entity under this paragraph.

SEC. 106. PROTECTION FROM LIABILITY.
(a) MONITORING OF INFORMATION SYSTEMS. No cause of action shall lie or be maintained in any court against any private entity, and such action shall be promptly dismissed, for the monitoring of an information system and information under section 104(a) that is conducted in accordance with this title.