Mar. 5–7, 2024

2nd International Symposium on Insider Threat Mitigation

Location: Brussels, Belgium

Language: English

Audience: Personnel from governments, industry, or academia who are responsible for developing or implementing insider threat mitigation programs.

Registration for the 2024 Symposium is closed.

Panelist at the International Symposium on Insider Threat Mitigation

Expect the Unexpected: Exploring Multidisciplinary Approaches to Insider Threat Mitigation

The three-day Symposium with approximately 200 participants will feature engaging panel discussions, interactive sessions, and networking with practitioners. The Symposium brings together our international community of practice.

The purpose of the symposium is to showcase meeting commitments per the 2016 Joint Statement on Mitigating Insider Threats (INFCIRC/908) while developing and fostering an integrated insider threat mitigation community for the nuclear security domain. With more than 30 countries and INTERPOL subscribed to INFCIRC/908, the International Symposium on Insider Threat Mitigation will be a critical forum for discussion, action, and collaboration.

2024 Agenda

Monday, March 4, 2024

Time

Topic

1600-1900

Registration & Travel Grant Distribution

Tuesday, March 5, 2024

Setting the Stage: INFCIRC/908 Since 2016 and Today's Challenges

Time

Topic

0830-0930

Registration & Travel Grant Distribution

0930-0945

Logistics & Housekeeping
Logistics, safety, and first aid discussion

0945-1015

INFCIRC/908: A journey from past to present
This session will provide an overview of INFCIRC/908 initiatives from 2016 to present with strong emphasis on the developing insider threat mitigation community of practice. An updated video montage will be shown highlighting new subscribers, regional and international events, and the Advancing INFCIRC/908 International Working Group efforts.

1015-1030

Steering Committee Member Appreciation Ceremony
Presentation of certificates to current INFCIRC/908 Steering Committee members

1030-1105

Coffee Break: Press Moment

1105-1115

Opening Remarks + Photo Opportunity
The opening remarks will highlight the importance of nuclear security and insider threat mitigation.

1115-1200

Emerging Issues Panel Discussion
Emerging technologies and global conflicts present both risks and opportunities for nuclear security practitioners. In this plenary session, participants will explore the risks and benefits on nuclear security measures, in particular the mitigation of insider risks.

1200-1245

Nuclear Regulator Roundtable
Innovative approaches to strengthening legal frameworks to support nuclear security will be explored by regulators/competent authorities and law enforcement. Lessons learned from nuclear security incidents may be shared in the form of recommendations.

1245-1345

LUNCH SESSION
Data-Driven & Risk Significant: Demonstrating a New Approach to Insider Threat Detection and Mitigation for Nuclear Facilities

1245-1345

Concurrent Sessions 1

1345-1435

Policy & Regulations: Stakeholders and Success Stories (Panel)
Panelists will discuss how their organizations identify and engage stakeholders to develop and then evaluate ITM programs. Topics may include establishing relationships with key stakeholders, developing program metrics, securing buy-in from executives, and measuring the ROI of financial investments (e.g., staffing, procuring and deploying security systems). Panelists will be encouraged to share success stories with the audience.

1345-1435

Mitigating Radioactive Source Threats in the Transportation Sector (Panel)
Panelists will tackle the tough topic of how to mitigate insider threats in the transportation sector specific to the transportation of radioactive material. The panel will also discuss best practices on how their organizations mitigate these threats. Topics will include best practices for mitigating insider threats in the transportation sector, the intersection of transportation security and other security concerns like physical protection, future trends in the industry, and the role of self-driving cars and artificial intelligence and other cyber threats. Panelists will take questions from the audience.

1345-1435

Personnel Vetting: Good Practices for Establishing Trust and Reliability
Panelists will reflect on Focus Group findings from a survey distributed to INFCIRC/908 Subscribing Member States. Different approaches to establishing trust and reliability in an organization will be described. Audience members will be encouraged to share their personal experience and reflections on the survey results.

1345-1435

Advanced Red Teaming to Evaluate and Enhance ITM Processes: [Novel Approaches to Mitigate Insider Threats, Pt. 1] (Presentation)

1345-1435

Social Media Vetting in Practice (Panel Discussion)
This panel discussion assembles experts from the nuclear and radiological industry, each having insights into the challenges of social media vetting in high-security roles. Panelists will share firsthand accounts of their experiences with social media vetting, highlighting specific case studies.

1435-1445

Transition to Next Session

1445-1545

CONCURRENT SESSION 2 – Interactive Exercises

1445-1545

Evaluating Red Flags and Insider Threat Mitigation Measures
Participants with varied backgrounds will share their experience and views in order to have an overview of prioritized Red Flags and measures in the topic of ‘observation’. The goal is to evaluate, in small groups, a set of red flags and measures and place them in different categories: high/medium/low and must-have/ nice-to-have/ not useful. This exercise is based on doctoral research. At the end of the exercise, participants will review and reflect on their choices as compared to the research.

1445-1545

Cybersecurity for Radiological Facilities
During this exercise, participants will learn how an insider with cyber capabilities can negatively impact facility operations. Real world cases will be examined to illustrate best practices to bolster security cybersecurity programs.

1445-1545

Lost in Translation: The Importance of Non-Verbal Gestures
The nuclear power industry faces unique challenges with multinational workforces. One on hand, embracing the diversity and multi-cultural teams can lead to dynamic and inclusive organizational environments. Though, on the other hand, this diversity can also amplify differences in security awareness, culture, vetting, and qualifications. To broadly address these differences and create baseline levels of security, a Nuclear Security Culture exercise will address these concerns. The exercise will identify unique cultural dimensions associated with nations and will combine with the core components with a strong Nuclear Security Culture.

1445-1545

Building Good Rapport in Interviews
Do you know how to effectively collect information when a suspected insider threat incident has been reported? Techniques from motivational interviewing research will be demonstrated to illustrate what works to reduce resistance and increase information collection.

1445-1545

The Typhon Intrusion at ARA: Uncover the Insider Threat
Interactive and instructive experience for a large group focused on enhancing awareness and implementing strategies to counteract insider threats enabled by cyber means through engaging and realistic scenarios. The session’s primary goal is to educate attendees about the criticality of recognizing and identifying risks, cross functional communication, and coordination between security domains to develop efficient strategies to mitigate these insider threats.

1545-1615

Coffee Break:
ASK AN EXPERT SESSION 1: Physical Protection & Technical Measures Focus Group

1615-1715

Cross-Industry Perspectives on Mitigating Insider Threats
Panelists from various industries will address similarities and differences in mitigation strategies.

1715-1730

Day 1 Wrap-Up/Mentimeter

1730-1930

International Initiatives & Vendor Exposition
Selected organizations and vendors will be available to discuss products, materials, and events germane to the insider risk/threat community.

1830

Reception

Wednesday, March 6, 2024

Post-pandemic Challenges; Current State of Practice

Time

Topic

0900-0915

Welcome; Recap of Day 1 and Preview of Day 2.

0915-0945

INFCIRC/908 – New Subscribers Forum

0945-1045

Mitigating Insider Threats in Times of Crisis
Natural disasters, political, economic, and societal turmoil can all wreak havoc on nuclear security. Panelists share their personal and professional perspectives on the strains imposed by such events and the steps taken to overcome challenges and increase organizational resilience.

1045-1115

Coffee Break & Transition
ASK AN EXPERT SESSION 2: National Policy & Regulatory Frameworks

1115-1215

CONCURRENT SESSION 1 – Focus on Trustworthiness & Reliability, Cybersecurity, Physical Protection & Technical Measures

1115-1215

Developing and Implementing Successful Human Reliability Programs (Panel)
Panelists will highlight the challenges experienced during HRP implementation. Topics may include stakeholder engagement, personnel vetting, and unique cultural or legislative barriers.

1115-1215

AI, Machine Learning, and the Cyber-Insider Nexus (Presentations)
Artificial intelligence and machine learning can be used to enhance information systems security. They can also be used to create sophisticated attacks that evade detection. Presenters will share current research to explore the risks and rewards of emerging tech on insider threat mitigation.

1115-1215

Concerning Explosives and Radioactive Materials Stashes
Two recent cases of radioactive materials in the possession of people who also know how to make explosives underline the importance of developing strategies to find possible insiders. They also showcase that material which has gone missing in the past cannot be assumed to be gone for good. Minimizing the use of radioactive materials wherever possible is a way to prevent the misuse of such material in a dirty bomb scenario.

1115-1215

Critical Pathway to Insider Risk Novel Approaches to Mitigate Insider Threats, Pt. 2
The Critical Pathway to Insider Risk is an empirically based behavior model created by Eric Shaw and the CERT Insider Threat Group. The model is used by numerous insider threat programs to help identify potential risk indicators of malicious insider behavior. This talk will cover initial development of the model, studies conducted to validate it, and how insider threat programs use the model operationally.

1115-1215

Regional Perspectives: Security Culture Initiatives
Geographically diverse panelists will share information about security culture initiatives implemented across a variety of facility types.

1215-1315

LUNCH
Lunch Session: The Oncology Services in Sudan During the Military Conflict: The Challenges (Recorded Presentation)

1315-1415

CONCURRENT SESSION 2 – Interactive Exercises

1315-1415

Evaluating Red Flags and Insider Threat Mitigation Measures
Participants with varied backgrounds will share their experience and views in order to have an overview of prioritized Red Flags and measures in the topic of ‘observation’. The goal is to evaluate, in small groups, a set of red flags and measures and place them in different categories: high/medium/low and must-have/ nice-to-have/ not useful. This exercise is based on doctoral research. At the end of the exercise, participants will review and reflect on their choices as compared to the research.

1315-1415

Cybersecurity for Radiological Facilities
During this exercise, participants will learn how an insider with cyber capabilities can negatively impact facility operations. Real world cases will be examined to illustrate best practices to bolster security cybersecurity programs.

1315-1415

Lost in Translation: The Importance of Non-Verbal Gestures
The nuclear power industry faces unique challenges with multinational workforces. One on hand, embracing the diversity and multi-cultural teams can lead to dynamic and inclusive organizational environments. Though, on the other hand, this diversity can also amplify differences in security awareness, culture, vetting, and qualifications. To broadly address these differences and create baseline levels of security, a Nuclear Security Culture exercise will address these concerns. The exercise will identify unique cultural dimensions associated with nations and will combine with the core components with a strong Nuclear Security Culture.

1315-1415

Building Good Rapport in Interviews
Do you know how to effectively collect information when a suspected insider threat incident has been reported? Techniques from motivational interviewing research will be demonstrated to illustrate what works to reduce resistance and increase information collection.

1315-1415

The Typhon Intrusion at ARA: Uncover the Insider Threat
Interactive and instructive experience for a large group focused on enhancing awareness and implementing strategies to counteract insider threats enabled by cyber means through engaging and realistic scenarios. The session’s primary goal is to educate attendees about the criticality of recognizing and identifying risks, cross functional communication, and coordination between security domains to develop efficient strategies to mitigate these insider threats. Outcomes from the session will include an understanding of where to find resources on cybersecurity best practices, recognize the imperative for collaboration between cyber and insider threat security specialists, and develop a more profound awareness of the nuances in managing insider threats within a nuclear facility context.

1415-1445

Coffee Break:
ASK AN EXPERT SESSION 3: Cybersecurity Focus Group

1445-1545

CONCURRENT SESSION 3 – Focus on Trustworthiness & Reliability, Cybersecurity, Physical Protection & Technical Measures

1445-1545

Evaluating States’ Implementation of NMAC for Nuclear Security
Panelists will explore barriers to implementation of IAEA guidance (NSS 25-G and 32-T) on NMAC for nuclear security recommendations.

1445-1545

Exploring Predictive Analytic Threat Assessment Models Built Upon the SOFIT Insider Threat Ontology [Novel Approaches to Mitigate Insider Threats, Pt. 3]

1445-1545

Challenges Regulating and Mitigating Threats for A/SMRs
Advanced and small modular reactors (A/SMR) pose challenges to a country’s existing regulatory framework, especially regarding security requirements. Panelists will explore developing and implementing regulations, technology and operating paradigms, and workforce impacts on insider threat mitigation for these new reactors,.

1445-1545

To Err is Human: How to Protect against Accidents, Errors, and Social Engineering (Panel Discussion)
Experts from the social and behavioral sciences discuss the contributors to human error and insider threat, including ways to assess the risk of human error (e.g., human reliability analysis), contributing factors to human error, and tools for minimizing the likelihood of human error.

1445-1545

Testing and Evaluating the Effectiveness of Insider Threat Mitigation Programs (Presentations)
Building effective ways to measure the success of an insider threat program is important to assess whether and to what extent the program has an impact.

1545-1600

Coffee Break & Transition

1600-1700

DOEL-4 Incident
This session provides a retrospective of the DOEL-4 sabotage case which occurred in Belgium in 2014. The case study provides in-depth information on what happened, how the threat was mitigated, and investigated. The case study demonstrates the value of a robust security culture throughout an organization.

1700-1800

Investigating and Responding to Insider Threat Events
Law enforcement and security services experts will reflect on their role in preventing, detecting, and responding to insider threats.

1800-1815

Day 2 Wrap-Up/Mentimeter

1815-2000

International Initiatives & Vendor Exposition
Selected organizations and vendors will be available to discuss products, materials, and events germane to the insider risk/threat community.

1815-2000

Students & Scholars Poster Session
Interested students and educators will be available to discuss their current research with participants.

1815

Adjourn for the day

Thursday, March 7, 2024

Over the Horizon Threats and Solutions; Evolving the Community of Practice

Time

Topic

0900-0910

Welcome; Recap of Day 2 and Preview of Final Day.

0910-1000

Risk Assessment and Management in Violent Extremism
Violent extremism has galvanized public fear and attention. The presenters will describe which factors might increase (risk factors) or decrease (protective factors) risk, how those factors might operate, and how practitioners can prepare risk formulations and scenario plans that inform risk management strategies to prevent violent extremist harm.

1000- 1010

The Integrated Measures Exercise (IME): Introduction

1010-1030

Coffee Break
ASK AN EXPERT SESSION 5: Trustworthiness & Reliability Focus Group

1030-1230

Integrated Measures Exercise (IME)
Four Breakout Rooms

Interactive exercise developed in collaboration with the IWG Steering Committee members. Exercise addresses elements from all five focus groups.

1230-1330

LUNCH

1330-1400

IME Epilogue
Representatives from each of the small groups share feedback. Key takeaways are reinforced through discussion and Q&A.

1400-1445

Academic Programs & Research Initiatives on Insider Threat Mitigation (Panel Discussion)
Panelists from academia and research institutes will reflect on general theories underlying insider risk and threat, educationa9l programs on the topic, and nascent areas of research.

1445-1515

Coffee Break: International Initiatives & Vendor Exposition Reopens

1515-1600

Over the Horizon Threats and Solutions
.

1600-1645

Summary and Next Steps: The Future of the Advancing INFCIRC/908 International Working Group

1645-1700

Closing Remarks & Adjourn

Live Interactive Tabletop Exercises

These interactive sessions will provide participants with opportunities to explore true-to-life insider threat scenarios. Working together to identify potential threats and understand insider motives, participants will brainstorm mitigation strategies and learn from expert presenters and other symposium attendees.

Lost in Translation: The Importance of Non-Verbal Gestures

Nonverbal gestures and expressions make up an incredible 60-70 percent of human communication! Therefore, cultural nuances and silent signals play a crucial role when determining trustworthiness and reliability.

In this exercise, explore non-verbal communication while also considering cultural dimensions and common cultural signals: Participants will be asked to demonstrate and assess concerning non-verbal behaviors within a fictitious nuclear facility.

Evaluating Red Flags and Insider Threat Mitigation Measures

From recruitment to hiring to ongoing employment, every organization has numerous occasions where it must ward against insider threats. Simply put: no detail is too small to escape close attention!

This interactive activity will explore “measures” for assessing observed behaviors and potential “red flags.” Work with your team to categorize and rank issues to determine when a potential threat is problematic enough that it deserves preventive action.

Measure Observation 43: Encourage self reporting. Measure Observation 44: Ensure the higher management is aware of the insider threat.

Cybersecurity for Radiological Facilities

Have you ever wondered what it’s like to be an insider? Well, here’s your chance!

During a realistic insider attack on a fictitious medical facility, you’ll examine a cybersecurity incident from both the defender and attacker’s perspectives. Participants will study best practices and learn how an insider with cyber capabilities can negatively impact operations.

This table-top exercise is a shortened version of an exercise developed by the Cybersecurity Focus Group, and anyone may download the exercise to conduct at home.

Building Good Rapport in Interviews

During investigative interviews, security professionals need to establish what happened and by whom. Information elicited from interviewees informs the threat assessment and management process. In other words, the better the information, the better the organization’s decision-making process! 

Participants will explore techniques to build cognitive and affective trust while strengthening active listening and non-coercive rapport-building skills.

The Typhon Intrusion at ARA: Uncover the Insider Threat

Have you ever daydreamed about being in a thrilling cyber-espionage story? Well, wake up and take a dive deep into this simulated but all-too-real incident at a nuclear facility!

Participants will practice fortifying their digital and physical realms, work on early detection and insider threat recognition best practices, and develop strategies to quickly counter and mitigate damage through rapid response tactics.

Featured Presenters

The 2024 Symposium aims to bring together leaders in government, industry, and academia to explore priorities and challenges for insider threat mitigation in nuclear security. Join us for novel insights and perspectives from our featured speakers and panelists.

Annelies Verlinden

Annelies Verlinden

Minister of the Interior, Institutional Reform and Democratic Renewal, Kingdom of Belgium

Prior to becoming minister of interior, Annelies Verlinden was a Co-managing Partner at DLA Piper, an innovative global law firm. While respecting the prerogatives of the competent authorities, she is responsible for the coordination of the general police policy and the coordination of the management of the federal police and the local police. Her policymaking in home affairs includes civil security, the support of the prevention and security policy of municipalities, private security, registration and updating of the national register of intelligence regarding Belgian nationals. Verlinden has a degree in law from the University of Leuven and completed the leadership program at Harvard Business School. Learn more about Annelies Verlinden

Jill Hruby

Jill Hruby

Under Secretary for Nuclear Security and NNSA Administrator, United States Department of Energy

Jill Hruby leads the U.S. Department of Energy's National Nuclear Security Administration (DOE/NNSA) in achieving the nation's nuclear security missions by ensuring the nuclear security enterprise is bringing cutting-edge science and creativity to sustain and fully understand the U.S. stockpile without testing; providing new technologies and procedures to lower cost and reduce the time to deliver all mission requirements; staying ahead of adversaries; and developing advanced capabilities to enhance nuclear security, arms control, and Navy reactors. Hruby previously served as Director of Sandia National Laboratories and has mechanical engineering degrees from Purdue University and the University of California at Berkeley. Learn more about Jill Hruby

M. Saīd Mouline

Yvan De Mesmaeker

Secretary General for the European Corporate Security Association (ECSA)

Yvan De Mesmaeker founded Omega Risk, an independent audit and consultancy practice, advising major international corporations and organizations on security, resilience, anticipation and assisting them with strategic networking. Subsequently, he was appointed Secretary General of the European Corporate Security Association (ECSA), a not-for-profit professional association of managers and officials in charge of the security and resilience of corporations and national, EU, and international institutions. De Mesmaeker graduated as a civil engineer (academic degree between a MSc and a PhD) from the Free University of Brussels and studied finance and international marketing at a post-academic level (studies in Dutch, French, and English). Learn more about Yvan De Mesmaeker

Frank Hardeman

Frank Hardeman

Director General of the Federal Agency for Nuclear Control, FANC, Belgium

Frank Hardeman has served as Director General of the Federal Agency for Nuclear Control (FANC) since 2018. FANC’s mission is to promote the effective protection of the general public, workers, and the environment against the hazards of ionizing radiation. Prior to his work at FANC, he held various positions at the Belgian Nuclear Research Centre (SCK CEN, MOL), including Deputy Director General; Head of the Environment, Health, and Safety Institute; Head of the Health and Safety Department; Head of the Society and Policy Support Unit; and Head of Nuclear Measurement Laboratories. Hardeman has degrees in nuclear physics, nuclear engineering, sciences, and industrial safety from the University of Leuven.

Sponsored by: National Nuclear Security Administration Federal Agency for Nuclear Control