Dan Ongaro, Sarah Hertz, Nada Rastad, Una Kang
Time: Wednesday, May 6, 2026: 08:50 AM – 09:50 AM
What was once considered a novel risk from a disgruntled, tech-savvy employee is now commonplace. Complex outsourcing arrangements, remote workers, AI-assisted tools, and the ever-increasing value of intellectual property and other confidential and classified data contribute to increase the attack surface, the number of potential insider threats, and incentives for an insider attack. Recent examples include North Korean remote workers, the Coinbase attack, and leading technology companies’ accusations of data theft. This session discusses examples of common types of insider attacks and threat actors and techniques to identify the associated user behaviors. Panelists will discuss experiences coordinating IT, HR, privacy, legal, and other stakeholders together to shape insider threat programs and investigations.
-
Gain insights on recent insider attack types and explore how to take proactive measures to address the threats.
-
Understand the complexities with detection of insiders.
-
Learn how to develop or enhance programs to better identify, stop, and investigate insider threat activity while meeting personnel privacy and confidentiality obligations.
Dan Ongaro, Senior Associate, Data, Privacy and Cybersecurity, Hogan Lovells
Nada Rastad, Associate General Counsel, Information Risk and Security, Intuit
Sarah Hertz, Manager, Cyber Defense & Resilience, Deloitte
Una Kang, Vice President and Associate General Counsel – Cybersecurity and Global Litigation, Wolters Kluwer
Reading Materials:




