Founder & Executive Advisor Named one of Teramind’s 15 Insider Risk Visionaries to Follow

Shawn M. Thompson, Esq.

Shawn Thompson helps organizations transform fragmented insider-threat activities, tools, and investigations into governed, measurable, and defensible enterprise insider-risk programs.

Trusted Professional Footprint

Former FBIFormer NSA Insider Threat LeadFormer Google Global LeadFormer Special Assistant United States AttorneyFounder, ITMG®
Explore ITMG® Services
Shawn M. Thompson, Esq. - insider risk expert and founder of ITMG.
Biography & Proof

Experience as an Insider Risk Expert

A Unified Multidisciplinary Background

Shawn M. Thompson, Esq. brings more than 25 years of insider risk, insider threat, national security, investigations, legal, cybersecurity, and enterprise risk experience, including more than 20 years directly supporting insider threat, counterintelligence, and insider-risk missions.

His experience combines the legal discipline of a federal prosecutor and FBI advisor, the operational depth of an NSA insider threat program leader, the scale of a Google insider-risk practice lead, and the practical focus of a founder who has advised hundreds of organizations.

Insider Risk Expertise Evidence

Legal, Investigative & Risk Management Foundation

  • Attorney and former federal prosecutor
  • Legal, privacy, and governance advisory expertise
  • Insider threat investigations and response
  • Insider risk program design and assessment
  • Enterprise risk management and executive reporting

Senior National Security & Enterprise Roles

  • Former FBI Assistant General Counsel
  • Former NSA Insider Threat Program Manager
  • Former NSA Senior Special Agent
  • Former Google Insider Risk Leader
  • Former Special Assistant U.S. Attorney

Founder & Standards Leadership

  • Founder of ITMG®
  • Founder of RiskTKO®
  • Founder of IRCF™
  • Founder of Insider Risk BoK™

Scale of Delivered Engagements

  • 25+ years of experience
  • 100+ Fortune 500 clients
  • 20,000+ consulting hours
  • 150+ capability assessments
  • 300+ insider-risk engagements

Industry Validation

  • Forrester® research participation
  • Teramind industry recognition
  • LinkedIn-verified testimonials and endorsements

Years of Insider Risk and Insider Threat Leadership

Shawn Thompson's executive career spans a series of pioneering leadership positions that have directly shaped the modern insider-risk discipline. From architecting program oversight frameworks within national intelligence agencies to managing risk operations inside global tech companies, this timeline of leadership demonstrates continuous subject matter authority:

2014 - Present

Founder & CEO, ITMG®

Built the leading boutique advisory firm for program development, delivering hundreds of risk engagements across the Fortune 500.

2022 - 2026

Global Program Lead, Google

Designed and scaled the internal global security response and insider risk initiatives across multiple offices and cloud networks.

2011 - 2015

Program Manager, NSA

Served as Special Agent and Program Manager directing operations, auditing controls, and supervising critical security investigations.

Expertise Evidence Index

Proof AreaEvidence DetailsVerification Context
Analyst CitationsRecognized in Teramind’s 15 Insider Risk Visionaries; cited in 3 Forrester® reports.Independent publications citation and public media coverage indexes.
Verified Testimonials10 verified recommendations with direct profile reference.Peer and client reviews from executive directors at NFL, Nike, Dell, Google, Cisco, and Bechtel.
FrameworksFounder and principal architect of the Insider Risk Capability Framework™ (IRCF™).The industry's leading standard used across 150+ capability assessments.
Academic ContributionFounder of ITMG® Academy and author of Insider Risk Body of Knowledge™ (BoK™).Educating 1,000+ certified practitioners globally.
Legal CredentialsLicensed member of the Maryland State Bar (Juris Doctor, Esq.).Ensuring all program frameworks align to civil liberties and regulatory compliance.
PlatformFounder and designer of RiskTKO® exposure software.An active technical platform converting risk inputs into governed decisions.
100+

Fortune 500 Clients Advised
(ITMG® advisory practice)

20,000+

Consulting Hours Delivered
(Cumulative delivery)

150+

Capability Assessments
(Based on the IRCF™)

300+

Insider Risk Engagements
(Advisory and implementation)

CREDIBILITY & PROFESSIONAL PROOF

Proof & Validation

Forrester® research participation, Teramind industry recognition, and LinkedIn-verified testimonials

Forrester® Research Participation and Report Citations

Shawn Thompson and ITMG® have been interviewed by Forrester® analysts for three research reports addressing insider threat and insider risk management. The resulting research cited Shawn’s practitioner perspective and referenced ITMG® in connection with specialized insider threat training, expert advisory support, and the establishment of enterprise insider threat programs.

Forrester® | June 30, 2023Best Practices

Best Practices: Insider Risk Management

Topic: Strategic recommendations, metrics, and programmatic best practices for starting and maintaining formal programs.

Participation: Forrester® interviewed ITMG® for this research, referencing the firm as a provider of specialized insider threat training.

Citation

Joseph Blankenship, Stephanie Balaouras, Alexis Tatro, and Michael Belden, “Best Practices: Insider Risk Management,” Forrester®, June 30, 2023.

Forrester® | March 18, 2021Program Setup

Best Practices: Mitigating Insider Threat

Topic: Essential governance controls, technical detection strategies, and risk mitigation methodologies.

Participation: Forrester® interviewed ITMG®, listing the firm in its “Get help from experts” guidance for establishing insider threat programs.

Citation

Joseph Blankenship and Claire O’Malley, “Best Practices: Mitigating Insider Threat,” Forrester®, March 18, 2021.

Forrester® | June 20, 2023Team Charter

The Insider Risk Management Team Charter

Topic: Structural team charters, operational goals, key analyst skills, and cross-functional roles.

Participation: Forrester® interviewed Shawn Thompson, citing his perspective on strategic, analytical, and communication analyst skills.

Citation

Joseph Blankenship, Stephanie Balaouras, Jeff Pollard, Alla Valente, Jess Burn, Alexis Tatro, and Shayna Neuburg, “The Insider Risk Management Team Charter,” Forrester®, June 20, 2023.

Disclaimer: Forrester® references are included to identify research participation and public report context. They do not imply endorsement of ITMG®, RiskTKO®, or Shawn Thompson unless expressly stated by Forrester®.

Teramind Industry Recognition

Recognized IndividualShawn M. Thompson
OrganizationITMG®
Recognizing OrganizationTeramind
Proof Typeinsider risk industry recognition
Topicinsider risk / insider threat leadership
Validation Summary

Teramind named ITMG® founder and CEO Shawn M. Thompson one of its "15 Insider Risk Visionaries You Must Follow," highlighting his insider-risk, investigations, national-security, and Fortune 500 program leadership experience. In its profile, Teramind described Shawn as “one of the world's foremost authorities on insider risk and national security.”

Teramind recognition of Shawn Thompson as an insider risk industry leader.

Teramind included Shawn M. Thompson in its “15 Insider Risk Visionaries You Must Follow.”

LinkedIn-Verified Testimonials and Professional Endorsements

Executive Advisory & Security Leadership

"Shawn has been a trusted advisor who has helped me navigate some very complex challenges. Shawn demonstrates a style of leadership which encourages partners and colleagues to seek out his expertise and wisdom which results in mutual benefits."

Proof TypeVerified LinkedIn Recommendation
ContextExecutive Advisory & Security Leadership
Validation Summary

Jim Ammons highlights Shawn's role as a trusted advisor and cross-functional leader during complex security challenges.

National Security Operations

"Shawn is a sharp, forward-thinking leader with years of experience. I have worked with him over the years and always found him aggressive, straightforward, and motivated. Awesome CEO."

Proof TypeVerified LinkedIn Recommendation
ContextNational Security Operations
Validation Summary

Robert E. Anderson Jr. emphasizes Shawn's sharp, motivating, and forward-thinking leadership as an enterprise CEO.

Managed Shawn for 12 years across the FBI and NSA

"Shawn's breadth of experience from Counterintelligence law to government Internal Security protocols, along with his experience prosecuting criminal cases, provides him with the fundamental knowledge to be a world leader in addressing insider threats. At ITMG®, Shawn has managed to blend a unique approach of the technical as well as the human threat to cyber security. I give my highest recommendation."

Proof TypeVerified LinkedIn Recommendation
ContextManaged Shawn for 12 years across the FBI and NSA
Validation Summary

Sean M. Walsh details Shawn's legal background, prosecution history, and technical-human synthesis as a world authority on insider threats.

Client Assessment & Advisory Engagement

"I strongly recommend Shawn and his team at ITMG® to assist with building and maturing Insider Threat/Insider Risk programs. Shawn can speak from experience as an SAUSA and Justice Department attorney and as a practical Insider Threat Executive and program leader. He can adeptly help you navigate the inherent conflicts between policy and procedure, monitoring and privacy, and oversight and responsibility."

Proof TypeVerified LinkedIn Recommendation
ContextClient Assessment & Advisory Engagement
Validation Summary

Chris Jones recommends Shawn for program maturation, praising his DOJ background and his skill in balancing monitoring with employee privacy.

Long-standing Cyber Security Collaboration

"I've been acquainted with Shawn in both a personal and professional capacity for eight years. Shawn combines the highest degree of character and integrity with bona fide subject matter expertise. He is a true pioneer in the field of insider threat detection and mitigation, and his experience is second to none."

Proof TypeVerified LinkedIn Recommendation
ContextLong-standing Cyber Security Collaboration
Validation Summary

Glen Kazerman highlights Shawn's subject matter expertise, character, and integrity as a true pioneer in the insider risk domain.

Partner & Program Advisory

"Shawn is a true professional! He knows the ins and outs of building insider threat programs and implementing them. He is pleasant to work with and has great collaboration skills. He is both methodological as well as practical when it comes to getting the most out of people."

Proof TypeVerified LinkedIn Recommendation
ContextPartner & Program Advisory
Validation Summary

Gabriel Friedlander commends Shawn's collaboration and practical methodology for building and implementing insider threat programs.

Shawn's Client

"Shawn Thompson has a very a strong understanding of insider threat principles and their practical application in protecting personnel, information, and critical assets. His knowledge of risk indicators, reporting responsibilities, and mitigation strategies reflects a solid commitment to strengthening organizational security. I recommend Shawn without reservation. His demonstrated ability to apply these concepts is second to none."

Proof TypeVerified LinkedIn Recommendation
ContextShawn's Client
Validation Summary

Adam Loomis praises Shawn's practical application of risk indicators, reporting responsibilities, and assets protection.

Industry Collaboration

"Shawn is a distinctive authority in the insider risk domain and one of the most important voices shaping its future. Through his work with us at Forscie, he has demonstrated a clear understanding of how the insider threat landscape is evolving, alongside a genuine commitment to advancing the discipline in the right direction. His vision for the future of insider risk is one that Forscie strongly shares. Shawn brings insight, conviction, and a program-focused perspective to a field that demands all three. It is clear that experts like Shawn help define the next generation of insider risk, shaping the standards, thinking, and practices that others will follow."

Proof TypeVerified LinkedIn Recommendation
ContextIndustry Collaboration
Validation Summary

James Weston recognizes Shawn as a distinctive authority who shapes the future standards, thinking, and practices of insider risk.

Training & Special Interest Group Collaboration

"I have worked with Shawn Thompson across dozens of insider threat and insider risk training sessions, reaching hundreds of students and practitioners. Shawn brings a rare combination of deep subject-matter expertise, real-world operational experience, and practical teaching ability. He understands insider risk from the executive, legal, investigative, security, privacy, and program-management perspectives, and he has a unique ability to translate complex issues into clear, actionable guidance. His background across government, national security, and the private sector gives his work exceptional credibility. Shawn is one of the most knowledgeable and effective insider risk professionals I have worked with, and I would strongly recommend him and ITMG® to any organization looking to build, assess, mature, or strengthen an insider threat or insider risk program."

Proof TypeVerified LinkedIn Recommendation
ContextTraining & Special Interest Group Collaboration
Validation Summary

Jim Henderson highlights Shawn's unique combination of deep subject-matter expertise, operational background, and practical teaching ability across dozens of training sessions.

Insider Risk Operations & Practice Growth

"I had the privilege of working under Shawn, who exemplifies the true essence of leadership. He consistently strikes the ideal balance between guidance and autonomy—offering deep expertise in risk management while empowering his team to fully own their work. Leading by example with wisdom and grace, Shawn is a trusted advisor who seamlessly helps clients navigate complex, evolving insider risk challenges. Most notably, he drove continuous year-over-year growth for our practice by charting new pathways into deep technical and investigative offerings. I highly recommend Shawn for any cybersecurity leadership role; he would be an invaluable asset to any organization."

Proof TypeVerified LinkedIn Recommendation
ContextInsider Risk Operations & Practice Growth
Validation Summary

Shahzad Azad praises Shawn's leadership style, deep expertise in risk management, and success in driving year-over-year practice growth through technical and investigative offerings.

EVIDENCE-BASED CAREER

Progression of Leadership

2014 - Present

Founder, CEO & Enterprise Insider Risk Advisor

ITMG®

Washington, DC

"Established the industry's premier boutique insider-risk consulting practice, delivering advisory services and training to Fortune 500 organizations."

  • Delivered over 300 insider-risk engagements and 150+ capability assessments across financial, healthcare, retail, and tech sectors.
  • Designed and implemented Nike's global Insider Threat Program, converting assessments into governance, tool orchestration, and a mature roadmap.
  • Built the Insider Threat Training Academy, launching one of the market's first Insider Threat Program Manager certifications.
  • Created the Insider Risk Advisory Council, bringing together Fortune 500 risk executives to define industry best practices.

"Built and led Google's Global Insider Risk Management service into a high-growth enterprise capability, expanding pipeline from $500K to $10M in 12 months."

  • Created repeatable enterprise service lines for assessment, program design, build, and insider-threat pentesting.
  • Elevated Google's insider risk narrative from tactical monitoring to strategic risk management and governance.
  • Converted bespoke consulting into scalable service architecture, boosting cross-functional alignment and delivery consistency.
  • Briefed Fortune 500 boards and CISOs on connecting technical telemetry (DLP, UEBA, UAM) to operational prioritization.
2022 - 2026

Senior Manager, Global Insider Risk Practice Lead

Google (Mandiant)

Reston, VA

2011 - 2015

Insider Threat Program Manager / Senior Special Agent

National Security Agency (NSA)

Ft. Meade, MD

"Directed NSA's enterprise Insider Threat Program, establishing operational standards, governance routines, and compliance frameworks."

  • Expanded program capabilities across vetting, monitoring, investigations, controls, and executive coordination.
  • Chaired the Intelligence Community Insider Threat Mission Group, aligning CI requirements across federal agencies.
  • Appointed by the ODNI as the IC ITE Insider Threat Technical Lead, integrating insider-risk controls into the cloud strategy.
  • Represented NSA to the National Insider Threat Task Force (NITTF) and contributed directly to the National Insider Threat Policy signed by President Obama.

"Strengthened legal strategies and investigation requirements for NSA's unauthorized disclosure and internal security portfolios."

  • Advised senior leadership on handling complex FBI investigations, classified litigation, and employee oversight.
  • Ensured rigorous, defensible evidence handling and legal posture for high-sensitivity personnel actions.
  • Received multiple agency awards for outstanding legal contributions to national security missions.
2009 - 2011

Senior Litigation Attorney

National Security Agency (NSA)

Ft. Meade, MD

2005 - 2009

Assistant General Counsel - Office of General Counsel

Federal Bureau of Investigation (FBI)

Washington, DC

"Led legal strategy and executive support for investigations into economic espionage, insider threats, and national security."

  • Coordinated closely among FBI executives, agents, and prosecutors to translate investigative objectives into legal strategies.
  • Contributed to the successful prosecution of ten Russian spies linked to the high-profile Russian Illegals Program.
  • Helped establish the FBI's first cybersecurity attorney capability, training agents on cyber, FISA, and espionage law.
  • Revitalized the Special Assistant U.S. Attorney (SAUSA) program, providing FBI attorneys with trial-capacity experience.

"Conducted high-level intelligence analysis on counterterrorism and national-security threats, presenting directly to the executive branch."

  • Created the FBI Terrorist Radicalization Model, reshaping national counterterrorism strategies and receiving the Director's Achievement Award.
  • Served as FBI Director Robert Mueller's Morning Intelligence Briefer, briefing President Bush, Condoleezza Rice, and the Attorney General.
2003 - 2005

Strategic Analyst - National Security Branch

Federal Bureau of Investigation (FBI)

Washington, DC

THOUGHT LEADERSHIP INDEX

Published Insider Risk Thought Leadership

Publications, Speaking & Media Commentary

Featured WIRED Commentary

WIRED National Media

Google's Robocar Lawsuit Could Kill Uber's Future and Send Execs to Prison

Quoted extensively in February 2017 as a federal prosecutor and cybersecurity legal expert, advising on the criminal risk, corporate accountability, and trade-secret exposure of the high-stakes Waymo-Uber dispute.

Read WIRED Article

The Scariest Threats to Uber's Future, From Waymo to Money Worries

Cites Shawn's legal analysis regarding executive criminal exposure and corporate knowledge thresholds under federal trade secret statutes.

Read Citation
PRACTITIONER THOUGHT LEADERSHIP

Insights and Publications by Shawn M. Thompson

Explore practical insights from Shawn M. Thompson on insider threat, insider risk, enterprise governance, investigations, program maturity, exposure management, and the evolution of the profession.

Featured Insight July 11, 2026 10 min read

Lessons From a Career in Insider Threat and Insider Risk

Explore Shawn M. Thompson's distinguished 20+ year trajectory spanning FBI economic espionage Counsel, NSA Insider Threat Program Manager, Google Global Practice Lead, and enterprise consulting for over 100 Fortune 500 organizations.

By Shawn M. Thompson, Esq.|View Author Profile
Thought Leadership July 13, 2026

What Is an Insider Risk Program Assessment?

Understand how an insider risk program assessment evaluates an organization's governance, operating model, stakeholder alignment, authority, and defensibility.

By Shawn M. Thompson, Esq.Read Article
GovernanceSeptember 2026

Why Insider Risk Must Become an Executive Risk Discipline

How leading CISOs and boardrooms are shifting their operational security structures to map and govern insider threat indicators as board-ready metrics.

By Shawn M. Thompson, Esq.Coming Soon
Building a permanent body of thought leadership for the insider risk profession.
DEVELOPING CERTIFIED STANDARDS

Academic and Training Outcomes

Shawn Thompson has dedicated his career to building certified, accessible standards to educate the next generation of insider risk and insider threat practitioners.

ITMG® Academy

Founded and led ITMG® Academy, educating thousands of risk, legal, cybersecurity, and HR professionals across the globe. Built and launched one of the first structured pathways for corporate programs.

Impact Metric1,000+ Certified Practitioners trained across global agencies and corporate enterprises.

Insider Threat Program Manager (ITPM)

Designed and established the industry-standard certified curriculum for Program Managers. This certification provides formal guidelines on balancing monitoring technology with legal boundaries, privacy compliance, and human risk psychology.

Standard ReferenceCertified ITPM Pathway recognized as a standard for enterprise risk team enablement.

Insider Risk Body of Knowledge™ (BoK™)

Principal architect and author of the open-access Body of Knowledge™ (BoK™), formalizing a unified industry vocabulary, core legal templates, policy standards, and cross-functional response playbooks.

Curriculum CoreOpen-Access BoK™ Library bridging academic management with real-world threat indicators.

Academic & Legal Credentials

Shawn Thompson holds a Juris Doctor (J.D.) and is a licensed member of the Maryland State Bar (attorney & counselor at law). This formal legal foundation ensures all ITMG® Academy curriculum, BoK™ guidelines, and RiskTKO® platform logic are built to defend user privacy and strictly comply with international regulations.

Licensed Bar MemberAttorney at Law (Esq.)

Turn insider-risk expertise into a measurable, defensible operating capability.

Collaborate with Shawn and the ITMG® team to review, evaluate, prioritize, and operationalize your corporate program.

Explore ITMG® Services