Exfiltration & Government: Designing an Insider Threat Program

More than 55% of all cyber-crime incidents and security breaches are caused by insiders. These insiders have many motivations — financial, political, or even emotional — but the common factor is they all inappropriately access an organization’s critical-value data. While governments around the world have communicated the importance of addressing insider threats, real-world efforts have been patchy. It is easy to understand why some organizations have avoided the issue; the challenge of detecting and deterring insider threat appears massive and it is hard to know where to start.

Panel Host:

• Jason Miller, Executive Editor, Federal News Radio

Panel Guests:

• Andrew Castor, Deputy Associate Deputy Director, FBI
• Patty Larsen, Co-Director, National Insider Threat Task Force
• Keith Lowry, Senior Vice President, Business Threat Intelligence & Analysis Team, Nuix

Andrew James Castor
Deputy Associate Deputy Director
Director’s Office

Andrew James Castor was appointed Deputy Associate Deputy Director in February 2013.  In this position, Mr. Castor oversees the management of all FBI personnel, budget, administration, and infrastructure.  Prior to his assignment in the Director’s Office, Mr. Castor served as the Deputy Assistant Director of the FBI’s Counterterrorism Division Operational Support Branch since July 2010.

In April 1989, Mr. Castor entered on duty as a Special Agent with the FBI.  Upon completion of his training at the FBI Academy in Quantico, Virginia, Mr. Castor was assigned to the San Antonio Division.  While there, he investigated a wide range of cases, primarily focusing on white collar crime matters such as large scale bank failures.  Mr. Castor earned several awards during his time in San Antonio, including the Western District of Texas Law Enforcement Officer of the Year.

Mr. Castor was promoted to Supervisory Special Agent in the Financial Institution Fraud Unit of the Criminal Investigative Division’s Financial Crimes Section at FBI Headquarters in 1996.  In that role, his national program responsibilities included the FBI’s efforts to address financial institution fraud, specifically in the areas of mortgage and loan fraud, check fraud, and electronic payment systems fraud.

Patty Larsen
Co-Director
National Insider Threat Task Force

Patty Larsen was named the Co-Director of the National Insider Threat Task Force in January 2014, representing the Director of National Intelligence.  She leads US Government-wide implementation of Executive Order 13587 to improve the security of classified networks and the responsible sharing and safeguarding of classified information.

Ms. Larsen has been assigned to the National Counterintelligence and Security Center and its predecessor, the Office of the National Counterintelligence Executive (ONCIX), since August 2005.  Her previous assignment was as the Deputy Assistant Director of the Office of the National Intelligence Manager (NIM) for Counterintelligence (CI).  The office provides National CI Officers (NCIO) and their staffs who serve as the focal point for all CI issues in their regional or functional areas, driving collection, analysis, and other solutions to address gaps.  This assignment follows a tour as the Deputy Assistant Director of the Acquisition Risk Directorate at ONCIX improving supply chain risk management across the US Government.

From 2011-2012, Ms. Larsen was on a joint duty assignment at the National Geospatial-Intelligence Agency (NGA) CI office, improving CI support to NGA and better integrating NGA CI with the rest of the community.

Before departing for joint duty, Ms. Larsen was the Chief of the Program Evaluation Group within ONCIX.  In this capacity she oversaw US government-wide CI resource planning and programming and advocated for CI resources; helped agencies build or enhance their CI programs; expanded CI support to the US government departments and agencies outside the IC; and ran the CI Mission Review process to evaluate how effectively the CI community is accomplishing the objectives of the National Counterintelligence Strategy.  She also served as the ONCIX performance manager and as a CI program analyst, integrating budget and performance for the CI community.  As Deputy of the Collection branch within the ONCIX, she brought together collection managers from across the CI community to improve all source collection in response to CI requirements.

Ms. Larsen also served in the Defense Intelligence Agency’s Joint Counterintelligence Division as the European Command desk officer, linking the EUCOM CI Staff Officer with the Joint Staff.  Concurrently she worked in CI collection management, translating analyst requirements into DOD CI Collection Requirements and managing analyst evaluations of DOD Intelligence Information Reports generated by those requirements to close intelligence gaps.

Keith Lowry
Senior Vice President, Business Threat Intelligence & Analysis Team
Nuix

Keith has more than 25 years of experience implementing, managing, and directing insider threat, counterintelligence, and intelligence collection programs. He is a former law enforcement officer and High-Technology Crime Unit detective with the City of San Jose California and a United States Navy Mobilized Reservist. He also served as Chief of Staff to the Deputy Under Secretary of Defense for Human intelligence, Counterintelligence and Security at the Pentagon, and as an information security consultant in the private sector.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.