Topic:
The FBI’s Illicit Data Loss Exploitation (IDLE) program

Presenter:
SSA Jim Simcox
IDLE Team Lead
FBIHQ-Cyber Division
NCIJTF, Chantilly, VA

Bio:
Mr. Simcox is a 9-year veteran of the US Navy, and 19-year veteran of the FBI. He has worked Counterterrorism and Counterintelligence matters but has focused on Counterproliferation and Cyber matters for the past several years helping to protect critical technologies and intellectual property during that time. His current position is within the FBI’s Cyber Division at FBIHQ and he is the program lead for the IDLE Program.

The FBI’s IDLE Program is a process to help protect valuable data on networks from the most sophisticated cyber actors regardless of their internal access. The IDLE process is wholly owner-run and provides no government access. It provides three capabilities based on a unique “honey” folder and file configuration that deploys decoy content, may detect exfiltration and/or lost data, and may provide internal tripwire alerts on illicit exfiltration activity. IDLE is compliant with the new NIST 800-172 Standards, as well as the new MITRE Sheild Knowledge Base. We also partner with the National Defense Cyber Alliance.