NSI IMPACT Session Summaries

Monday, April 24 — 8:00am - 8:45am
Keynote Address:
New Challenges for Security In a World of Transition
Bill Evanina
National Counterintelligence Executive

The national security sector is going through a grand transition that will radically change the way security professionals do their jobs. From insider threats to state-sponsored cyber attacks on American companies, the entire threat landscape is changing dramatically with the increased sophistication of adversaries. In addition, changes to the way the government conducts security clearance evaluations, risk assessments and insider threat programs will re-write the book on security for years to come.

The Office of the National Counterintelligence Executive is at the forefront of these critical changes that will shape the future of security. Bill Evanina, who serves as both National Counterintelligence Executive (NCIX) and the Director of the National Counterintelligence Center will present this year’s keynote address and will offer insight into the most critical issues affecting security along with what it takes to protect classified information in today’s ever-changing risk environment.

Tapped in 2014 by the director of the Office of National Intelligence, Mr. Evanina is now immersed in coordinating multi-agency efforts to mitigate the risk of foreign spying and insider threats, assessing damage from intelligence leaks and overhauling the security clearance regime.

Monday, April 24 8:45am - 9:40am
Terrorism 2017: Countering Threats at Home and Abroad
Bradley Johnson, President, Institute for Security through Intelligence

America faces its highest threat from Islamist terrorists since the Sept. 11, 2001 terror attacks, according to the House Homeland Security Committee. ISIS and other terrorist groups have largely abandoned attempts to put together spectaculars like Sept. 11, and are focusing now on “a new landscape,” where lone killers, empowered by the technology of the digital age, can strike with smaller-scale massacres. Officials are convinced that terrorism will remain a grave threat during 2017. Preventing terrorist attacks remains the FBI’s top priority.

Michael Steinbach, FBI’s Executive Assistant Director, National Security Branch will examine the widespread reach of terrorists’ influence, which transcends geographic boundaries like never before. As terrorists become more creative, resourceful and technology savvy, their approaches will become more sophisticated and deadly.

You Will Learn:
➢ Vital intelligence about latest trends in terrorism
➢ ISIS recruiting efforts in the U.S.
➢ Effective and practical counterterrorism measures


Monday, April 24 10:40am - 11:40am
Espionage, Insider Threats: Real World Lessons Learned
David G. Major, President, CI Centre

In the post-Snowden world, federal agencies and cleared contractors know they need to defend against the real possibilities of insider threats and economic espionage—two threats that have been on a relentless upward trend. With the recent escalation of high profile cyber threats from hostile nation-states and malicious insiders, 2017 is poised to feature more of the same.

While new tools are needed to combat ever changing security threats, it is helpful to examine the recent history of espionage and insider threat incidents, because it’s possible to derive many important lessons for defending against them in the future. In this informative session, David Major, president and founder of the CI Centre, will provide several illustrative examples of the kind of damage that can be done along with valuable lessons on how to protect yourself and your organization. 

You Will Learn:
➢ Trends, patterns and security countermeasures
➢ Potential risks to watch for this year
➢ Risk mitigation strategies


Monday, April 24 11:40am - 12:40am
State of the DSS: Shaping the Future of Security
James J. Kren, Deputy Director, Defense Security Service

The Defense Security Service is working more closely than ever with cleared defense contractors and other stakeholders to ensure the protection of classified information. From processing record numbers of suspicious contact reports to oversight of industrial security and insider threat programs, DSS’s mission continues to evolve and change with the times. Find out what’s in store for DSS (and FSOs) in 2017, and how it will impact the changing compliance requirements of the NISP.

In this annual state of the DSS briefing, you’ll get a chance to hear about important plans and priorities that will affect the way DSS continues to accomplish its industrial security mission. Highlights include such vital topics as: security vulnerability assessments; insider threat program requirements; new risk management framework; security clearance processing and timelines; counterintelligence reporting; FOCI and CDSE training. 

You Will Learn:
➢ Security policy and program initiatives for 2017
➢ New NISPOM implementation requirements
➢ Compliance strategies to safeguard secrets


Monday, April 24 2:00 - 3:15pm
Best Practices in Implementing an Insider Threat Program
Randall Trzeciak, Director, Insider Threat Programs, CERT
Borna Emami, Sr. Manager, Deloitte Consulting
Wayne Belk, Co-Director, Nat. Insider Threat Task Force, ODNI

Government agencies and contractors are facing increasing security challenges from insider threats. Recent arrests, such as that of Harold Martin, a government contractor for the NSA, serve as a stark reminder of the danger of the insider threat and illustrate the need for improved security within all organizations. In an effort to address this complex problem, the U.S. government has issued Executive Order 13587 and NISPOM Change 2 to increase protections against insider threats within government agencies and contracting companies.

These newly implemented federal rules that call for the creation of mandatory insider threat programs have many organizations scrambling to comply. Once implemented, contractors have continuing obligations to gather and report relevant and credible information that indicates potential or actual insider threats. In addition, contractors are required to monitor classified network activity and conduct self-inspections of their insider threat programs.

This comprehensive workshop is designed to develop the critical components of an insider threat program and will highlight regulatory requirements, proven best practices and social-psychological factors critical to shaping a comprehensive insider threat program.

You Will Learn:
➢ Key components of an effective insider threat program
➢ Program implementation best practices
➢ Behavioral risk indicators
➢ How to improve your security posture against inside threats
➢ Strategies to mitigate insider threats

Monday, April 24 3:45pm - 5:00pm
Transition to the Defense Information System for Security (DISS)
Quinton Wilkes, Corp. Security Mgr., L-3 Com
Nick Levasseur, Dep. Prog. Mgr. for DISS, DMDC

The Pentagon’s new Defense Information System for Security (DISS), promises to transform how personnel security, and clearance suitability data are collected, reviewed, and shared. It replaces the legacy Joint Personnel Adjudication System (JPAS) system with a more secure, end-to-end IT system.

DISS is designed to meet several requirements of security clearance reform efforts, including reciprocity, automated record checks, and continuous evaluation. It will also cover various records, including personal information, DoD affiliation types, employment status, eligibility status for security clearances, foreign travel and contacts, security-associated incident reports, debriefing as well as records of adjudication and investigations conducted by federal investigative agencies.

According to DoD, the new system will work to help the department determine an individual’s eligibility to access classified data, check employment suitability and perform personal identity verification for accessing government systems and facilities. Successfully navigating your way around the new DISS will not come without some growing pains. This comprehensive workshop will explore problems and resolutions and provide an extended opportunity for you to have all of your questions answered.

You Will Learn:
➢ Rules of the road to navigate the new DISS
➢ Steps to minimize problems and get help
➢ How to obtain timely access to automated records


Tuesday, April 5 8:00am - 8:45am
Cyber Security: Navigating a Changing Threat Landscape
Lucia M. Ziobro, Section Chief, Cyber Operational Engagement, FBI

New cybersecurity threats are emerging daily; each one more sophisticated than the last, evolving to do more damage and affect more organizations. From ransomware and the Internet- of-Things to spear-phishing and social engineering attacks, cybercriminals will continue to expand their reach in 2017. In addition, workplace mobility is enabling employees to access sensitive information resources from anywhere in the world and on any device.

As a result, employees and data are leaving the network perimeter and sensitive data is becoming more vulnerable than ever. As cyber threats evolve, so must the way that we react to and deal with them. Staying ahead of emerging threats and the increasing sophistication of cybercriminals requires constant vigilance. No one can predict when the next cyber breach will happen – so it’s all about pre-emptive strategy. In this presentation, you’ll gain expert advice on how your organization can better prepare for, defend against, and respond to changing cyber security risks.

You Will Learn:
➢ How to stay ahead of emerging threats
➢ Key trends that you should anticipate in 2017
➢ Best practices for mitigating cyber threats


Tuesday, April 25 8:45am - 9:45am
Trends in Social Engineering: Securing the Weakest Link
Jason Clark, Insider Threat Researcher, CERT

Industry analysts and security experts can all agree on one security constant: Your people are your biggest security vulnerability. It’s no surprise, then, that social engineers have capitalized on this weakness, making social engineering one of the biggest security challenges facing organizations today. While social engineering attacks come in many forms, the common thread is that they involve an attacker exploiting a human vulnerability.

Social engineering was identified as a key element in several high profile security breaches including the hacking of former CIA director John Brennan’s email account. Today, email-based attacks using social engineering are enabling cybercriminals to steal corporate secrets, carry out politically motivated attacks and steal massive amounts of sensitive data. In this session, you’ll learn how social engineering is evolving in 2017, and how to help employees shed the bad habits that make them vulnerable.

You Will Learn:
➢ Current trends in social engineering
➢ The psychology behind the threats
➢ Common forms of attack

Tuesday, April 25 10:00am - 11:00 am
Transformation of the Security Clearance Process
Charles Phalen, Director, NBIB
Perry Russell-Hunter, Director, DOHA

Several key building blocks are now in place to implement security clearance reforms designed to improve the speed and efficiency of the vetting and adjudication process in the wake of the Edward Snowden leaks and the Navy Yard shooting.

The recently established National Background Investigations Bureau (NBIB), is tasked with leading the overhaul and overseeing clearance and adjudication standards. While trimming the clearance backlog is a priority, reducing the time it takes to complete an investigation is the agency’s top focus. Additionally, personnel security investigation and adjudication are being strengthened to ensure that clearance processing addresses insider threats. In this informative Q&A panel session, you’ll hear from two of the key government players involved in the security clearance process and ongoing reform efforts.

You Will Learn:
➢ Current reforms underway and what they mean to you
➢ Best practices to resolve clearance problems
➢ How to ensure timely clearance processing


Tuesday, April 25 11:00am - 12:00pm
Understanding the New Risk Management Framework Process
Karl Hellman, Asst. Dep. Director, NISP Authorization Office, DSS

The new Risk Management Framework (RMF) is changing that way that cleared contractors and agencies obtain certification and accreditation of their classified IT systems. Developed by the National Institute of Standards and Technology, RMF focuses on a standard set of activities to certify and accredit DoD information systems. The new standards are dynamic, risk management focused and offer continuous monitoring practices.

This session will help you successfully transition to the Risk Management Framework and ensure that you’ll be in compliance with the new standards. If your organization is struggling with getting through the process of obtaining accreditation for your systems or if you just need direction on how to get started then this session is for you. You’ll have an expanded opportunity to have all your questions answered.

You Will Learn:
➢ Identify the steps and tools in the RMF process
➢ Keys to submitting SSP’s that get approved
➢ Deep dive into the authorization process


Tuesday, April 25 1:45pm - 3:00pm
Track I — Protecting Controlled, Unclassified Information
Mark Riddle, Sr. Prog. Analyst, Information Security Oversight Office

Classified information usually gets all the attention, but a new rule that went into effect in November, addresses the way controlled, unclassified information (CUI) is marked, handled and disseminated. The new rule defines CUI as an intermediate level of protected information between classified information and uncontrolled information. It’s designed to replace the inconsistent, and often conflicting, patchwork of over 100 different agency-specific policies, markings and other requirements used to control “Sensitive But Unclassified” information.

A key function of the rule is to ensure that agencies and contractors are marking and handling the information in the same way. Documents that may have been marked “proprietary” or “official use only” will now be marked “CUI.” This workshop will provide an overview of the CUI Program, along with looming deadlines for implementation.

You Will Learn:
➢ Key features of the new CUI program
➢ Special marking and handling requirements
➢ CUI milestones and timelines


Tuesday, April 25 1:45pm - 3:00pm
Track II — Navigating the NISP Contracts Classification System (NCCS)
Lisa Gearhart, Sr. Policy Analyst, Defense Security Service

The new National Industrial Security Program (NISP) Contracts Classification System (NCCS) is now online and DSS is implementing it in a phased approach for both government and industry. The NCCS was designed to automate the paper-driven DD Form 254 — the foundational document for classified contracts. The new web-based system creates a single, centralized, and secure repository for all DD254s. Users will have the capability of drafting original, revised, and final DD254s, completing facility clearance sponsorship requests, and providing approvals for the flow down of certain security accesses to subcontractors.

This workshop features a demonstration of the NCCS, its deployment timeline, registration and system access requirements, available functionality, and future enhancements. This is your opportunity to learn how to navigate the new NCCS and have your questions answered.

You Will Learn:
➢ NCCS set up requirements
➢ Retrieve real time statuses of DD 254 submissions
➢ How to manage and monitor DD 254 activities


Tuesday, April 25 3:20pm - 4:35pm
Track I —DSS Industrial Security Issues and Answers
Matt Roche, Asst. Deputy Director Operations, Industrial Security
Keith Minard, Asst. Director, NISP Admin. and Policy Analysis
Jeff Spinnanger, Asst. Director for Strategic Engagement, CI Office
Karl Hellmann, Asst. Deputy Director, NISP Authorization Office

Sweeping changes in the National Industrial Security Program mean that FSOs will have more compliance issues to contend with in 2017. DSS vulnerability assessments will broaden their scope to include insider threat programs and new information system security mandates. Keeping up with changing requirements and knowing where potential problems lie is critical to avoid security compliance issues and safeguard classified information. Maintaining an effective security program and achieving a “superior” rating should be a key element of your security strategy.

This interactive Q&A session features key personnel from the Defense Security Service who will guide you through the compliance issues you face in meeting NISPOM requirements. You’ll also find out what red flags IS reps are encountering during their contractor assessment visits so you can avoid any potential problems in your security program and help you on your path to compliance.

What You'll Learn:
➢ Hands-on advice for keeping your program in compliance
➢ Industrial security program initiatives for 2017
➢ How to achieve security excellence

Tuesday, April 25 3:20pm - 4:35pm
Track II — How to Build a Strong Security Awareness Program
Valarie Fountaine, National Security Training Institute

Awareness is a powerful tool in creating culture, and influencing organizational behavior. But few awareness programs are delivering on their intended impact as employee missteps and insider threats continue to dominate the headlines. Changing behavior is one of the greatest challenges security practitioners face when implementing security awareness programs. Convincing people to change is hard in any arena, but when it comes to security – an area which most people neither know nor care much about – it’s especially difficult.

So how do you empower your workforce with the security know-how to help protect government and company secrets? In this eye-opening session, Martin McNair, an expert on security training, will offer insights on what works in security awareness programs – and what doesn’t. You’ll get insights on how to build and deliver a program that makes employees smarter about security.

You Will Learn:
➢ How to create an awareness program that people won’t hate
➢ Critical factors that lead to high-impact awareness
➢ Marketing techniques that get employee buy-in


Wednesday, April 26 8:00am - 8:45am
Strategies to Counter Cyber Threats to National Security
Dr. Shawn P. Murray, Principal Scientist, Cyber Security Professional
US Missile Defense Agency

Cyber threats and attacks are one of the most serious economic and national security challenges the United States faces, and are increasing in scale and intensity. The nation’s critical networks, infrastructure, communications and data are increasingly at risk from diverse and persistent threats. These include rogue states, cybercriminals and terrorists who are showing an aptitude to employ sophisticated capabilities against us. As cyber attacks on U.S. government and commercial computer systems increase at alarming rates, the risk for national security information to be compromised is also growing.

The National Security Agency is on the frontlines in defending the government’s national security systems from a growing array of threats. This briefing will examine emerging threats on the virtual horizon and how to defend against them.

You Will Learn:
➢ The state of the cyber threat for 2017
➢ Defenses against cyber attack methods
➢ Insight into cyber threat actors


Wednesday, April 26 8:45am - 9:30am
Security Leadership Tools: What You Need in Your Toolbox
April H. Armstrong, CEO, AHA Insight

In today’s rapidly changing world, the mission of security is expanding and managers face a new test of leadership. As a security professional, you are responsible for managing the crucial links between safeguarding government secrets and information assets, and personnel security and insider threats. It is a job that continues to change, and as the scope and complexity of technology’s contribution increases, so does the role of security.

While security programs transform to meet new threats, it will be up to you to refine your skills in communications and undertake the disciplined approach required for effective leadership during this time of change. There is a tendency within security organizations to focus on reactive security rather than taking a proactive approach. In this valuable session you’ll be given useful tools and strategies to help navigate change and focus forward.

You Will Learn:
➢ How to improve your people skills
➢ How to gain buy-in for your ideas
➢ Leadership tools you need to succeed


Wednesday, April 26 9:50am - 10:35am
The Evolving NISP: Navigating The Road Ahead
Mark Bradley, Director, Information Security Oversight Office

The National Industrial Security Program (NISP) is undergoing significant changes in several key areas that will dictate future requirements for the protection of classified and sensitive unclassified information. The Information Security Oversight Office (ISOO), which oversees the government-wide security classification system and the National Industrial Security Program, is at the forefront of these efforts.

As changes to industrial security policy advance, security practitioners can take a number of steps now to address changing requirements and stay ahead of coming reforms. This timely presentation will bring you up to speed on key areas of government security that will affect the way you do your job. Among the issues to be examined are: classification management; Controlled Unclassified Information (CUI); Insider Threat program requirements; security policy implementation; new reporting requirements; and much more.

Key Issues:
➢ Understand changing security policies
➢ What’s on the NISPPAC agenda for 2017
➢ NISPOM revision and updates

Wednesday, April 26 10:35am - 11:35am
DICE 2017: Make Security Great Again
Ray Semko, The DICEman

There’s no denying that we live in a dangerous world. We continue to face grave security threats like terrorism, cyber attacks and insider threats. Barely a day goes by without a major security breach coming to light. Combating these threats begins with fostering a culture of security awareness and re-emphasizing the role that everybody plays in security. To coin a phrase, making security “great again”.

Ray Semko, security expert and creator of the well-known DICE Program, will wrap up IMPACT with a high-energy briefing on the 2017 threat environment and advice to help protect your organization and strengthen your security program. This security consciousness-raising session will equip you with tools and techniques to educate your workforce on the growing threats to national security from foreign spies, terrorists, and malicious insiders.

You Will Learn:
➢ Understanding the role of the individual
➢ Why security is more vital than ever
➢ How to go from awareness to action