Podcasts about insider risk

Show SummaryOn today's episode, we're featuring a conversation with Marine Corps Veteran, Michael Hudson, Vice President for Insider Risk and Suicide Prevention for Clearforce, a risk analytics company that has developed the Resolve platform that is designed to address challenges associated with personal risk, including increased risk for suicide in the service member and veteran population. Provide FeedbackAs a dedicated member of the audience, we would like to hear from you about the show. Please take a few minutes to share your thoughts about the show in this short feedback survey. By doing so, you will be entered to receive a signed copy of one of our host's three books on military and veteran mental health. About Today's GuestColonel Michael Hudson, United States Marine Corps (Ret.), served 30 years as an Aviator, Commanded a Helicopter Squadron and a Marine Expeditionary Unit in support of combat and contingency operation in Africa, Central and Pacific Commands. Has intelligence and operational background, lead joint operational centers, safety, and risk professional designation. Restructured and lead USMC Sexual Assault Prevention Response program, working closely with behavioral health and suicide prevention to take USMC from worst to best program in DoD.  Retiring in 2014, he joined ClearForce as they formed.  Hudson holds a bachelor's Degree from San Jose State University in Aeronautics, Master's Degree from the Naval War College in National Security and Strategic Studies, Master's Degree from Troy State University in Management and is Global Counter Insider Threat Program (GCITP) credentialed.Links Mentioned in this Episode Clearforce Web siteRESOLVE Platform Web sitePsychArmor Resource of the WeekThis week's resource of the week is the PsychArmor course, Helping Others Hold On. Compared to the civilian population, suicide rates among the military and Veterans is very high. This series of lessons help to give tools and tips to recognize, understand, and combat suicidal feelings in Veterans. You can find the resource here:  https://learn.psycharmor.org/courses/helping-others-hold-on Episode Partner: This week's episode is brought to you by Humana, a leading health and well-being company that has joined forces with PsychArmor to develop campaigns and courses that support veterans and their families in achieving their best health. To learn more about how Humana honors and serves veterans visit healthequity.humana.com/veterans” Contact Us and Join Us on Social Media Email PsychArmorPsychArmor on TwitterPsychArmor on FacebookPsychArmor on YouTubePsychArmor on LinkedInPsychArmor on InstagramTheme MusicOur theme music Don't Kill the Messenger was written and performed by Navy Veteran Jerry Maniscalco, in cooperation with Operation Encore, a non profit committed to supporting singer/songwriter and musicians across the military and Veteran communities.Producer and Host Duane France is a retired Army Noncommissioned Officer, combat veteran, and clinical mental health counselor for service members, veterans, and their families.  You can find more about the work that he is doing at www.veteranmentalhealth.com  

Send us a textCyber Defense Meets Leadership Mastery!

In the latest episode of the Security Sprint, Dave and special co-host Alec Davison talked about the following topics:Insider Risk ConcernsWhat impact will the current political and economic environment have on stressors and grievances.At the end of last month, a former water utility employee pleaded guilty in federal court for tampering with the drinking water supply at his former workplace. https://www.justice.gov/usao-ma/pr/former-stoughton-water-department-employee-pleads-guilty-tampering-drinking-water Nation State's Using Non-state actors for violence and to further geopolitical interestsHybrid warfare is a new normal – we're experiencing a breakdown of the traditional perception of the binary notion of war and peace.US neo-Nazi group with Russia-based leader calls for targeted Ukraine attacks – https://www.theguardian.com/us-news/2025/apr/05/the-base-neo-nazi-russia-ukraine Iran recruited Swedish minors for attacks on Israeli targets https://www.cnn.com/interactive/2025/world/iran-israel-swedish-teenagers-shadow-war-intl-invs Quick HitsTwo men suspected of plotting an attack arrested in Paris in support of the Islamic State – https://www.lemonde.fr/en/france/article/2025/04/07/two-men-suspected-of-plotting-an-attack-arrested-in-paris_6739914_7.html Man who hates big pharmacies allegedly guns down Walgreens worker: Policehttps://abcnews.go.com/US/man-hates-big-pharmacies-allegedly-guns-walgreens-worker/story?id=120408357 Death toll rises from weekend storms in US – severe weather in US - https://www.bbc.com/news/articles/crrzd0lge28o Ivanti Connect Secure appliances are susceptible to attacks exploiting a recently disclosed vulnerability, which Chinese threat actors are actively exploiting - https://www.securityweek.com/exploited-vulnerability-puts-5000-ivanti-vpn-appliances-at-risk/

Insider incidents cause around 35 percent of data breaches, creating financial and security risks for organizations. In this podcast from the Carnegie Mellon University Software Engineering Institute, Austin Whisnant and Dan Costa discuss the Insider Incident Data Expression Standard (IIDES), a new schema for collecting and sharing data about insider incidents. IIDES facilitates insider incident information handling to help organizations better protect themselves against the compromise of sensitive information and mission-critical systems, which is essential to maintaining national security and defense.

Brian A. Coleman, Senior Director for Insider Risk, Information Security, and Digital Forensics at Pfizer, talks to us about how his security team is experimenting with AI to improve their insider risk detection systems. The system Brian and his team put together can detect sensitive information or documents handled by unauthorized accounts, but can also spot documents moving around and ending up where they shouldn't be - either by accident, malice, or as a result of a security breach. Show notes

Fred Burton speaks with Robin Welch-Stearns about understanding the true extent of insider risk for modern corporate security teams. Robin shares her insights from her time at the CIA and Google, highlighting the differences between insider risk in public and private sectors. She discusses the importance of creating a comprehensive approach to managing insider threats by understanding the motivations behind them, using data analytics, and fostering collaboration between cybersecurity and physical security teams. You'll learn: Differences in insider risks between public and private sectors, and common forms these risks take within organizations Strategies and frameworks for detecting and preventing insider threats, emphasizing data analytics and employee training Psychological factors and motivations behind insider threats, and the opportunities and challenges AI presents in managing these risks Learn more about Ontic's Incidents, Investigations, and Case Management.

Mike Smith explores the intricate balance between safeguarding personal privacy and ensuring robust security measures within organizations. His discussion with Fred covers the strategies for developing an effective insider risk program that both anticipates threats and respects individual rights. Through expert insights and real-world examples, you'll gain a comprehensive understanding of how to navigate this delicate yet crucial terrain.You'll learn:Key strategies for balancing privacy concerns with security needsThe components that make an insider risk program effectiveHow to implement ethical practices that protect both the organization and its individualsLearn more about Ontic's Incidents, Investigations, and Case Management.

In this episode, Manish dives into the dynamic world of corporate security through the firsthand experiences of Honeywell's seasoned professionals, Mike Pierce and Kevin Renwick, transitioning from law enforcement. Their conversation emphasizes the critical role of relationship-building in mitigating insider risks while highlighting innovative strategies for breaking down organizational silos. Listen in to gain perspectives on navigating the balance between employee privacy and organizational safety through comprehensive investigative practices.What you'll learn:Innovative strategies for identifying and mitigating insider risksStrategies for dismantling silos and enhancing collaborationHow to balance investigative rigor with trust and privacyLearn more about Ontic's Incidents, Investigations, and Case Management.

In this Risky Business News sponsor interview, Catalin Cimpanu talks with Brian A. Coleman, Senior Director at Pfizer for Insider Risk, Information Security, Digital Forensics Expert. Brian goes over all the Island features that have made the browser a favorite tool to secure older corporate apps, either by blocking insecure features or adding logging capabilities where they didn't exist.

NEW! Text Us Direct Here!Former Spy and intelligence officer, Shawnee Delaney, join us. She is the founder and CEO of Vaillance Group (https://www.vaillancegroup.com) and spent nearly a decade with the Defense Intelligence Agency (DIA) as a decorated Clandestine Services Officer conducting Human Intelligence (HUMINT) operations all over the world. She served four combat zone tours in Iraq and Afghanistan as a Case Officer and Detachment Chief and served as a Supervisory Branch Chief in Europe. Chapters 00:00 Introduction and Background00:30 Shawnee's Expertise in Cybersecurity and Counterintelligence02:21 The Influence of Shawnee's Family and Childhood04:01 Shawnee's Work with the Defense Intelligence Agency08:04 Stories from Shawnee's Government Service15:07 Difference Between Insider Risk and Insider Threat20:01 Mitigating Insider Risk and Threat24:28 Security Awareness and Training Programs32:12 Building a Security Culture41:27 Insider Threat Program at Uber46:12 Lessons Learned from Uber52:41 Upcoming Books on Insider Threat and Cybersecurity EducationAccelerate your CMMC 2.0 compliance and address federal zero-trust requirements with Kiteworks' universal, secure file sharing platform made for every organization, and helpful to defense contractors. Visit kiteworks.com to get started. We're thrilled to introduce Season 5 Cyber Flash Points to show what latest tech news means to online safety with short stories helping spread security awareness and the importance of online privacy protection."Cyber Flash Points" – your go-to source for practical and concise summaries.So, tune in and welcome to "Cyber Flash Points”

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is our sponsored guest, Abhishek Agrawal, CEO and co-founder, Material Security. In this episode: What does defense in depth look like in the cloud? Collaborating on insider risk Email is a vector and a target Understand risk during an IPO Thanks to our podcast sponsor, Material Security! Material Security is a multi-layered email threat detection & response toolkit designed to stop attacks and reduce the threat surface across all of Microsoft 365 and Google Workspace. Learn more at material.security.

Episode Topic: Welcome to an insightful episode of PayPod. We get into the critical subject of AI in insider risk and cybersecurity with Michael Crouse, the director of Enterprise User and Data Protection at Everfox. Crouse shares his extensive experience in cybersecurity, focusing on the often-overlooked aspect of insider risk. The conversation explores how AI is revolutionizing the way companies address and mitigate risks from within their organizations. Michael explains the importance of understanding employee behavior and implementing effective insider risk solutions. As technology evolves, so do the threats, making it imperative to stay ahead with innovative approaches. Lessons You'll Learn: Listeners will gain valuable insights into the intersection of AI in insider risk and cybersecurity. Michael Crouse discusses the significance of focusing on insider risk rather than just external threats. You'll learn about the advanced tools and strategies Everfox employs to protect sensitive data and ensure compliance with regulations. Michael emphasizes the importance of visibility and understanding the root causes of insider threats. This episode highlights the need for a holistic approach to cybersecurity, incorporating behavioral analysis and AI to create robust defense mechanisms. About Our Guest: Michael Crouse is a seasoned cybersecurity expert with a wealth of experience in both government and commercial sectors. As the director of Enterprise User and Data Protection at Everfox, he specializes in high-assurance defense-grade solutions. Michael's background includes working with the Department of Defense and the intelligence community, giving him unique insights into the challenges and complexities of cybersecurity. His passion for safeguarding national interests and his innovative approach to insider risk make him a leading voice in the industry. Michael's expertise in AI in insider risk and cybersecurity is invaluable for organizations aiming to protect their data and assets. Topics Covered: This episode covers a wide range of topics centered around AI in insider risk and cybersecurity. Michael Crouse explains how Everfox uses AI to analyze and mitigate insider threats, ensuring that sensitive data remains secure. The discussion includes the importance of understanding employee behavior, the role of compliance regulations, and the challenges posed by evolving technologies. Michael also touches on the psychological aspects of cybersecurity, highlighting the need for a multidisciplinary approach. Listeners will also hear about the differences in cybersecurity strategies between government entities and commercial organizations, and how lessons from one can benefit the other. Checkout our website- https://www.soarpay.com/

Like any risk measure, the level of insider risk in a health system is never static, despite the fleeting comfort a snapshot might provide. Thus, it's helpful for security and privacy professionals to contemplate the reasons spikes occur so mitigation measures can be implemented at the right time and place. For example, if we consider that issuing new user credentials increases risk (at least until training and education can have an impact), then hiring, firing, and poorly handled identity and access management can cause insider risk levels to spike. Of course that's not even to mention M&A, which can increase a health system's risk profile by thousands of employees and hundreds of applications from one day to the next. So what's an IT executive or privacy officer to do? In this timely webinar, we'll speak to leaders who are focused on managing insider risk so spikes can be addressed as efficiently as possible, and fines from HHS/OCR avoided. Source: Identifying & Mitigating Key Drivers of Insider Risk on healthsystemcio.com - healthsystemCIO.com is the sole online-only publication dedicated to exclusively and comprehensively serving the information needs of healthcare CIOs.

In this episode, Dave Holder and Ryan Rambo interview our special guest, Scott Silvestro!   Scott is a Senior Manager, Counterintelligence and Insider Risk, at Tokyo Electron U.S. Holdings.  Below is Scott's biography. Scott Silvestro is a patriot who's committed to enhancing the privatization of counterintelligence. As Senior Manager for the Insider Risk and Counterintelligence Program at Tokyo Electron U.S. Holdings, Scott oversees the program's effectiveness and integrity. The Insider Risk and Counterintelligence Program focuses on wellness as it pertains to proactive applications within insider risk, particularly in countering nation-state, and economic espionage threats. Prior to joining Tokyo Electron U.S. Holdings, Scott founded Vex Intel, a consultancy executing advanced technical counterintelligence initiatives for a varied client base. Additionally, Scott worked as an Independent Consultant in an undisclosed program and as an Officer with the U.S. Secret Service, serving on the elite Counter Surveillance Division. Scott co-chairs the Nation-State and Counterintelligence Special Interest Group within the Open Source Insider Threat Information Sharing Working Group at Carnegie Mellon University's Software Engineering Institute, where he also earned the CERT Insider Threat Program Manager Certificate. Scott holds a B.A. in Government and World Affairs from The University of Tampa. A constant advocate for growth, he continually expands his expertise in insider risk, counterintelligence, and security disciplines. Timestamps: 3:  Guest Introduction 9:  Scott's Background 17:  Surveillance/Countersurveillance 25:  Protecting the Semiconductor Industry 35:  Trust in the CI Field 43:  Scott's Approach to the CI Program 57:  Listener Questions! 1:11 CI Support to Signature Reduction 1:22  Where is Scott's Program in the Corporate Structure 1:37  Parting Words of Wisdom

Episode 4 of #UnIntelligence - The Corporate Counterintelligence Podcast is now live on PodBean, YouTube, and Spotify! In this episode, Dave Holder and I dive deep into the Corporate Counterintelligence program. Check out some key moments below and let us know your thoughts in the comments! - Should the Insider Risk program fall under the Corporate CI Program? (3:00) - Physical Security and Cybersecurity crossover; CI investigative process (13:00) - CI Support to threat and vulnerability assessments (28:00) - Data Protection, InfoSec, Information System Continuous Monitoring (38:00) - Who are the threat actors CI should be focusing on? (58:00) - The Lawyer's Perspective (1:13:00)

Protect your organization from insider threats with Microsoft Entra's Conditional Access and Adaptive Protection in Microsoft Purview. Automatically block access to critical assets when insider risk levels elevate, ensuring data security and compliance seamlessly. Set up custom policies based on risk levels and enforce strong authentication measures, safeguarding against data breaches. Gain control and visibility over insider activities without manual intervention, empowering proactive security measures. Erin Miyake, Microsoft Purview's Principal Product Manager shares how to enhance your data protection strategy.   ► QUICK LINKS: 00:00 - Insider Risk in Conditional Access 00:41 - Extend Conditional Access 01:20 - Privacy-first approach 01:56 - Configure policy indicators 03:21 - Adapt protections based on changing risk 04:13 - Set custom policies 05:27 - Set a Conditional Access policy for moderate risk users 06:12 - Insider risk level changing over time 07:04 - Wrap Up   ► Link References: For more about the policies you can set up go to https://aka.ms/IRM Mechanics Get started today at https://aka.ms/adaptiveprotection  Watch our series on Insider Risk Management at https://aka.ms/IRMMechanics   ► Unfamiliar with Microsoft Mechanics?  As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast   ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics  • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Jadee Hanson, CISO and CIO at Code42, shares how even as a kid she knew cybersecurity was her calling and how that led to CISO, CIO, and product leadership responsibilities.About Jadee Hanson: As chief information security officer and chief information officer at Code42, Jadee Hanson leads global risk and compliance, security operations, incident response, and insider threat monitoring and investigations. To her position, she brings more than 17 years of information security and a proven track record of building security programs.Prior to Code42, Jadee held a number of senior leadership roles in the security department of Target Corporation, where she implemented key programs, including spearheaded the effort to embed security resources into the development process as well as the security plans behind the acquisition of software development and online retail companies. She was the security lead for the sale of Target Pharmacies to CVS Health. Before joining Target, Jadee worked at Deloitte, where she served as a security consultant for companies across diverse industries such as healthcare, manufacturing energy, retail and more.Jadee is a co-author of Inside Jobs: Why Insider Risk Is the Biggest Cyber Threat You Can't Ignore, which shines a light on Insider Risk and details what business and security leaders can do to keep their workforces productive and data protected.In addition to her day job at Code42, Jadee is the founder and CEO of the non-profit organization Building Without Borders, which serves those in poverty-stricken areas throughout the world through housing services. Since April 2015, Building Without Borders has built 39 houses in areas of the Dominican Republic. In her spare time, you can find Jadee working for her non-profit, enjoying time with her husband and three girls, and spending time on the lake.SPONSER NOTE: Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs. Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security. Review and Download Cloud Security Resources: sans.org/cloud-security/ Join our growing and diverse community of cloud security professionals on your platform of choice: Discord | Twitter | LinkedIn | YouTube

On this week's episode, Andy and Adam talk about the results of the MITRE Engenuity ATT&CK Evaluations and how to interpret them. They also talk about the rising costs of insider risk and some things you can do to combat insider risk. ------------------------------------------- Youtube Video Link: ⁠⁠⁠https://youtu.be/FF1ZD73X5nA ------------------------------------------- Documentation: https://attackevals.mitre-engenuity.org/enterprise/turla/ https://www.microsoft.com/en-us/security/blog/2023/09/20/microsoft-365-defender-demonstrates-100-percent-protection-coverage-in-the-2023-mitre-engenuity-attck-evaluations-enterprise/ https://twitter.com/FrankMcG/status/1702155374386692107?s=20 https://www.csoonline.com/article/652964/insider-risks-are-getting-increasingly-costly.html ---------------------- Contact Us: Website: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://bluesecuritypod.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/bluesecuritypod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Threads: ⁠⁠⁠⁠⁠⁠⁠https://www.threads.net/@bluesecuritypodcast⁠⁠⁠⁠⁠⁠⁠ Linkedin: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/company/bluesecpod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Youtube: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.youtube.com/c/BlueSecurityPodcast⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Twitch: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.twitch.tv/bluesecuritypod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ------------------------------------------- Andy Jaw Mastodon: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://infosec.exchange/@ajawzero⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/ajawzero⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/andyjaw/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠andy@bluesecuritypod.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ------------------------------------------- Adam Brewer Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/ajbrewer⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/adamjbrewer/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠adam@bluesecuritypod.com --- Send in a voice message: https://podcasters.spotify.com/pod/show/blue-security-podcast/message

It's National Insider Risk Awareness Month, a month where companies and government agencies step out and look to step up their insider risk understanding. ClearanceJobs chatted with Dave Komendat, the former Chief Security Officer at Boeing, currently the president of DSKomendat Risk Management Services, and recently named as an advisor for SIMS Software, a leading security information management system supporting the national security community and commercial sector in addressing insider risk.Insider threats are nothing new, and Komendat spent a career addressing security from a variety of levels. He learned the important art of not just understanding risk, but being able to convey it to the C-suite – which is a critical aspect of developing a successful security program. For too long, security was a stove-piped function without the proper crossover into other key company functions, like IT and human resources. Komendat talks about making the shift and other practical considerations for security programs and officers today. Hosted on Acast. See acast.com/privacy for more information.

In this episode of our podcast series on insider risk, Catherine Marinis-Yaqub is joined by Pete Marta, a partner in Hogan Lovells' Cybersecurity Practice in New York City.    Establishing and operating an insider risk management program can often be a daunting and overwhelming experience for companies, and our speakers delve into the challenges facing insider risk programmes and how organisations can increase engagement throughout their organization, confront sensitive issues such as employee privacy, and why insider risk is, at the end of the day, a “team sport”.

In this episode of our podcast series on insider risk, Catherine Marinis-Yaqub is joined by Doug Thomas, the Managing Director for the Threat Detection and Analysis Office at JP Morgan Chase. Establishing and operating an insider risk management program can often be a daunting and overwhelming experience for companies, and our speakers delve into the challenges facing insider risk programmes and how organisations can increase engagement throughout their organization, confront sensitive issues such as employee privacy, and why insider risk is, at the end of the day, a “team sport”.

Lauren Wygant's path might sound familiar: from high school athlete to becoming a secret agent and, eventually, a corporate security specialist. However, Lauren's journey has been purposeful and deliberate. Throughout her personal and professional life, she has remained deeply connected to her "why," serving as a guiding force. Having previously worked as a human intelligence specialist in the Central Intelligence Agency, where her responsibilities included identifying and recruiting assets, Lauren now utilizes those same invaluable skills to help individuals and organizations identify and mitigate risks effectively. Join the team as we delve into Lauren's rich experiences and discover how you can harness her skill set to enhance your resilience as a practitioner and within your organization.  Give us your feedback at protectiontalk@outlook.com

On this week's episode, Adam and Andy talk about Apple's new Rapid Security update for iOS and Android. They also talk about different ways to encrypt data for protection. Finally, with layoffs still happening, they talk about how workforce reductions can have an impact on your security posture and how to be prepared for this. ------------------------------------------- Youtube Video Link: ⁠⁠⁠⁠https://youtu.be/KM5fvWH8EVY⁠ ------------------------------------------- Documentation: ⁠https://support.apple.com/en-us/HT201224 ------------------------------------------- Contact Us: Website: ⁠⁠⁠⁠⁠⁠⁠⁠⁠https://bluesecuritypod.com⁠⁠⁠⁠⁠⁠⁠⁠⁠ Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/bluesecuritypod⁠⁠⁠⁠⁠⁠⁠⁠⁠ Linkedin: ⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/company/bluesecpod⁠⁠⁠⁠⁠⁠⁠⁠⁠ Youtube: ⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.youtube.com/c/BlueSecurityPodcast⁠⁠⁠⁠⁠⁠⁠⁠⁠ Twitch: ⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.twitch.tv/bluesecuritypod⁠⁠⁠⁠⁠⁠⁠⁠⁠ ------------------------------------------- Andy Jaw Mastodon: ⁠⁠⁠⁠⁠⁠⁠⁠⁠https://infosec.exchange/@ajawzero⁠⁠⁠⁠⁠⁠⁠⁠⁠ Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/ajawzero⁠⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/andyjaw/⁠⁠⁠⁠⁠⁠⁠⁠⁠ Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠andy@bluesecuritypod.com⁠⁠⁠⁠⁠⁠⁠⁠⁠ ------------------------------------------- Adam Brewer Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/ajbrewer⁠⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/adamjbrewer/⁠⁠⁠⁠⁠⁠⁠⁠⁠ Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠adam@bluesecuritypod.com --- Send in a voice message: https://podcasters.spotify.com/pod/show/blue-security-podcast/message

A resilient cybersecurity strategy is essential to running your business while protecting against security threats and preventing data breaches. For CISOs, partnering with a managed service security provider (MSSP) means you can be in control of your organization's information and infrastructure security without placing a strain on internal personnel or resources which is critical in today's uncertain economy. With an MSSP on board, CISOs are better equipped to meet strategic and business goals, while improving operations and reducing expenses. This interview will discuss not only why to consider an MSSP but how to choose the right one for the job. This segment is sponsored by Direct Defense. Visit https://securityweekly.com/directdefensersac to learn more about them!   Insider Risk is a problem that continues to grow - and that companies are still struggling to solve. CISOs state that it is the number one most difficult threat to detect, placing it over malware and ransomware. Code42 President and CEO Joe Payne will explain why the Insider Risk problem is so challenging and will offer guidance on how to solve it. This segment is sponsored by Code42. Visit https://securityweekly.com/code42rsac to learn more about them!   Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw305 

A resilient cybersecurity strategy is essential to running your business while protecting against security threats and preventing data breaches. For CISOs, partnering with a managed service security provider (MSSP) means you can be in control of your organization's information and infrastructure security without placing a strain on internal personnel or resources which is critical in today's uncertain economy. With an MSSP on board, CISOs are better equipped to meet strategic and business goals, while improving operations and reducing expenses. This interview will discuss not only why to consider an MSSP but how to choose the right one for the job. This segment is sponsored by Direct Defense. Visit https://securityweekly.com/directdefensersac to learn more about them!   Insider Risk is a problem that continues to grow - and that companies are still struggling to solve. CISOs state that it is the number one most difficult threat to detect, placing it over malware and ransomware. Code42 President and CEO Joe Payne will explain why the Insider Risk problem is so challenging and will offer guidance on how to solve it. This segment is sponsored by Code42. Visit https://securityweekly.com/code42rsac to learn more about them!   Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw305 

Each year, Forrester tracks the top systemic risks — external events that impact your firm and customers but are out of your control — facing organizations. The impacts of climate change are both short-term, in the form of severe weather, drought, and heat waves, and long-term, in the form of biodiversity loss, sea-level rise, and rising temperatures. Want to see where climate risk ranked on the list? Read The Top Systemic Risks, 2023 (https://www.forrester.com/report/the-top-systemic-risks-2023/RES179156) or listen to this segment on Business Security Weekly.   A resilient cybersecurity strategy is essential to running your business while protecting against security threats and preventing data breaches. For CISOs, partnering with a managed service security provider (MSSP) means you can be in control of your organization's information and infrastructure security without placing a strain on internal personnel or resources which is critical in today's uncertain economy. With an MSSP on board, CISOs are better equipped to meet strategic and business goals, while improving operations and reducing expenses. This interview will discuss not only why to consider an MSSP but how to choose the right one for the job. This segment is sponsored by Direct Defense. Visit https://securityweekly.com/directdefensersac to learn more about them!   Insider Risk is a problem that continues to grow - and that companies are still struggling to solve. CISOs state that it is the number one most difficult threat to detect, placing it over malware and ransomware. Code42 President and CEO Joe Payne will explain why the Insider Risk problem is so challenging and will offer guidance on how to solve it. This segment is sponsored by Code42. Visit https://securityweekly.com/code42rsac to learn more about them!   Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/bsw305 

Each year, Forrester tracks the top systemic risks — external events that impact your firm and customers but are out of your control — facing organizations. The impacts of climate change are both short-term, in the form of severe weather, drought, and heat waves, and long-term, in the form of biodiversity loss, sea-level rise, and rising temperatures. Want to see where climate risk ranked on the list? Read The Top Systemic Risks, 2023 (https://www.forrester.com/report/the-top-systemic-risks-2023/RES179156) or listen to this segment on Business Security Weekly.   A resilient cybersecurity strategy is essential to running your business while protecting against security threats and preventing data breaches. For CISOs, partnering with a managed service security provider (MSSP) means you can be in control of your organization's information and infrastructure security without placing a strain on internal personnel or resources which is critical in today's uncertain economy. With an MSSP on board, CISOs are better equipped to meet strategic and business goals, while improving operations and reducing expenses. This interview will discuss not only why to consider an MSSP but how to choose the right one for the job. This segment is sponsored by Direct Defense. Visit https://securityweekly.com/directdefensersac to learn more about them!   Insider Risk is a problem that continues to grow - and that companies are still struggling to solve. CISOs state that it is the number one most difficult threat to detect, placing it over malware and ransomware. Code42 President and CEO Joe Payne will explain why the Insider Risk problem is so challenging and will offer guidance on how to solve it. This segment is sponsored by Code42. Visit https://securityweekly.com/code42rsac to learn more about them!   Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/bsw305 

Detect data loss, exfiltration, and data theft with intelligent automation solutions in Microsoft Purview. Data lives across apps, databases, and in file sharing locations inside and outside your infrastructure. It can be stored on devices and removable media, and it travels with each interaction. Secure data with a scalable and automated approach— discover and understand the growing volume of sensitive data, apply protections that follow data wherever it lives or travels, take preventative action when there's a risk of data loss, and elevate or lower data protections based on individual users to balance productivity with data security. Information Protection, Data Loss Prevention, and Insider Risk Management provide a unified platform in Microsoft Purview for intelligent, automated data protection. ► QUICK LINKS: 00:00 - Introduction 00:45 - Intelligent data security 01:29 - Information Protection 01:53 - Data Loss Prevention 02:22 - Insider Risk Management 03:00 - Example of information protection 03:55 - Wrap up ► Link References: Watch our series on Microsoft Purview at https://aka.ms/DataSecurityMechanics ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics 

Insiders - employees, contractors, and partners - are responsible for almost a quarter of data breaches. Reducing insider risk requires a dedicated approach, including user monitoring. But be careful, Forrester predicts that a C-level executive will be fired for their firm's use of employee monitoring in 2023.   Segment Resources: https://www.forrester.com/blogs/predictions-2023-security/?ref_search=3092262_1675290315432 https://www.forrester.com/blogs/apply-critical-thinking-and-culture-to-reduce-insider-risk/ https://www.forrester.com/blogs/practice-empathy-to-reduce-insider-risk/ https://www.forrester.com/blogs/pandemic-fallout-creates-perfect-conditions-for-insider-threat/   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw304

Insiders - employees, contractors, and partners - are responsible for almost a quarter of data breaches. Reducing insider risk requires a dedicated approach, including user monitoring. But be careful, Forrester predicts that a C-level executive will be fired for their firm's use of employee monitoring in 2023.   Segment Resources: https://www.forrester.com/blogs/predictions-2023-security/?ref_search=3092262_1675290315432 https://www.forrester.com/blogs/apply-critical-thinking-and-culture-to-reduce-insider-risk/ https://www.forrester.com/blogs/practice-empathy-to-reduce-insider-risk/ https://www.forrester.com/blogs/pandemic-fallout-creates-perfect-conditions-for-insider-threat/   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw304

This podcast interview session addresses how to create an insider threat/insider trust program that mitigates insider risks while respecting employee's privacy rights. Best practices and advice for starting a new insider threat program will be shared. Questions Corey will ask speakers: 1) To help those who are just starting to create an insider threat/insider trust program within their company, what are some available resources that you would recommend checking out? 2) What are some insider threat/insider trust best practices that you have found to be invaluable when standing up a program? 3) How does a company create an insider threat/insider trust program that is effective at mitigating insider risks while simultaneously respecting employee's privacy rights? Can it be done? 4) What future changes do you anticipate in the world of insider risk management in relation to tools, regulations, processes, etc. in the next 5 years? 5) Should an insider threat/insider trust program be a discreet or very public function? Can you explain why you feel the way that you do? Moderator:  @Corey Reitz - Distinguished Cyber Assurance Architect, Sandia National Laboratories  Speakers: @Joshua Smith - Senior IT Security Analyst, Ogletree Deakins Michael Theis - Chief Engineer & Assistant Director for Research, National Insider Threat Center, CERT/SEI, Carnegie Mellon University ​ Recorded on 01-18-2023​

Barry Madetzke is a two-time veteran (Navy and Army) and recently retried in July 2022, after 23 years of service to the nation. He was an Seaman Apprentice in the US Navy and served in the US Army as both an Infantry and Military Intelligence Officer. He recently pivoted into cybersecurity with a focus on Insider Risk and is a Senior Consultant with Mandiant (now a part of Google Cloud). Hard work, teamwork, respect, and determination guide his actions. One of the most valuable lessons that has come from his experience is that a clear vision and teamwork are the facilitators of success and that growth happens through investing in each other's thoughts and progress. He has been married for 20 years and has three boys (and no nice furniture!) He enjoys learning, reading, and working out during his free time. --- Support this podcast: https://anchor.fm/vets2pm/support

On this week's episode, Adam and Andy talk about Microsoft's Insider Risk Report for 2022. This report give insight on how to build a holistic insider risk program but combining tooling, people management, trust, and processes. Insider risk is on the rise. Listen in as Andy and Adam break down the report and give you the highlights on how to get started on building your insider risk program. ------------------------------------------- YouTube Video Link: https://youtu.be/UdoBv3R-OeE ------------------------------------------- Documentation: https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE58Ymd ------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com --- Send in a voice message: https://anchor.fm/blue-security-podcast/message

Today on this bonus episode of That Tech Pod, Laura and Gabi speak to EY's Joe Pochron and Lou Bladel.  Joe Pochron is the west region's digital forensic and insider threat lead for EY's Forensic & Integrity Service Practice, based in San Francisco, CA. Joe's expertise is in digital forensics, insider threats, and helping EY clients on complex cyber investigations and cyber incidents response needs.Joe has over 20 years of combined experience in digital forensics, cybercrime investigations, eDiscovery, and cyber incident response. During that time, he has investigated or managed thousands of cases involving the collection and analysis of computer, mobile device, network, and cloud-based data. Joe has testified numerous times in local, state, and federal legal matters as a digital forensic expert. Additionally, he frequently provides expert affidavits, or expert forensic reports for clients in support of digital forensic analysis or cyber investigative needs. Joe routinely consults with clients regarding digital forensics, insider threats, data privacy, incident response and electronic discovery matters. He has managed the preservation, analysis, and review of electronically stored information in a wide range of matters including investigations, independent litigation, regulatory compliance and internal inquiries. Joe is a frequent speaker at technical or legal conferences. Additionally, he has been an educator for many industry professionals, serving as an adjunct professor at the university level for many years, teaching courses on digital forensics and cybercrime.Lou is a managing director in the Forensic & Integrity Services practice. He is the Practice Leader for Intellectual Property Theft Services, which assists clients in responding to, investigating and remediating insider threat, intellectual property, trade secret theft and third party risk management. Lou and his team develop and implement comprehensive data integrity and security services. Lou consults with US federal law enforcement agency directors, government regulators and key executives of Fortune 100 companies, Fortune 500 C-suite officials and boards of directors from across industry on matters of economic espionage and insider threats. Lou has over 26 years of federal law enforcement experience serving in the U.S. Marshals Service, Naval Criminal Investigative Service and the Federal Bureau of Investigation (FBI), retiring from the FBI in 2016. The majority of Lou's law enforcement career involved leading and investigating counterintelligence matters. Lou has held numerous leadership positions within the FBI, including Special Agent in Charge of the New York office of the FBI's Counterintelligence Division where he led the recent espionage/insider threat arrest and successful plea negotiation of an FBI employee. As Chief of the FBI's Counterespionage Section, he led the espionage investigations of David Petraeus and Edward Snowden. He also led the production of The Company Man, an award-winning training film that educated private sector companies on the dangers of economic espionage. The film won an Emmy (2016), the CINE Golden Eagle Award (2014) and five gold and bronze Peer Awards. In 2013, he successfully testified before the U.S. Sentencing Commission to enhance the criminal penalties for theft of proprietary information. He managed the DuPont economic espionage investigation, which resulted in the FBI's first-ever jury trial conviction for economic espionage. The case won the 2014 FBI Director's Award for Counterintelligence Excellence. He was featured on NBC Nightly News promoting awareness of the FBI's economic espionage program. Lou also won the National Counterintelligence Executive Award for Community Excellence in Leadership for his role in the FBI operation that led Lou frequently speaks at high-profile public and private sector forums. 

Closing out Insider Threat Awareness Month with us is Maria Bada, Ph.D, a Lecturer in Cyberpsychology at Queen Mary University in London and a RISCS Fellow in cybercrime. Maria shares insights on the insider threat challenge through a human-centric lens and the criticality of educational awareness, transparency and training (note: check out AwareGo!) to better mitigate the threat. When 98% of organizations are vulnerable to insider threat, and the “accidental” insider is the one most often reported, empowering employees with tools and knowledge to understand and be aware of the threats can really make a positive impact. We also discuss the myriad profiles of functional insiders, promoting a culture of security impact, the power of positive vs punitive training (think fake phishing campaigns executed by internal security teams) and how we should start thinking about and addressing the growing social engineering threat. Maria Bada, Ph.D A Lecturer in Cyberpsychology at Queen Mary University in London and a RISCS Fellow in cybercrime. Her focus is the human aspect of cybercrime and cybersecurity. She is also a cyber expert at AwareGo. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e200

In this episode of Inside Jobs, host Hillarie McClure is joined by Austin Wolf, Staff Information Security Analyst at Code42, to discuss how to conduct an insider risk investigation when leading with empathy, what makes this approach unique and more successful, and more. Code42 is defining data security standards for the hybrid workforce. As the needs of workforces have evolved, so has Code42's data security and insider risk management solutions. To learn more about our sponsor, visit https://code42.com/

In this episode of Inside Jobs, host Hillarie McClure is joined by Chrysa Freeman, Senior Security Instructional Content Designer at Code42, to discuss the approach to empathetic investigations, how to develop an empathetic mindset, and why it helps insider risk analysts. Code42 is defining data security standards for the hybrid workforce. As the needs of workforces have evolved, so has Code42's data security and insider risk management solutions. To learn more about our sponsor, visit https://code42.com/

Microsoft warns Iranians using Log4Shell Montenegro hit with Russian cyberattacks AlphaBay Turns 1 Thanks to this week's episode sponsor, Code42 Have you been thinking about launching an Insider Risk Management program? You don't need to be Big Brother to effectively address Insider Risk. Code42 believes that the Three Es should define any IRM program: expertise, education, and enforcement. Shift your security culture from “watchdog” to “guide dog” and everyone wins. Learn more at Code42.com/showme.

State-backed attacks excluded from cyber insurance LockBit hit with DDoS Cozy Bear using Microsoft accounts to bypass MFA Thanks to today's episode sponsor, Code42 Have you been thinking about launching an Insider Risk Management program? You don't need to be Big Brother to effectively address Insider Risk. Code42 believes that the Three Es should define any IRM program: expertise, education, and enforcement. Shift your security culture from “watchdog” to “guide dog” and everyone wins. Learn more at Code42.com/showme.

Sam Stein is joined by Ryan Reilly, Justice Reporter at NBC News Digital, Joyce Vance, Former U.S. Attorney, Joanne Freeman, Professor of History and American Studies at Yale University, Manuel Oliver, Founder of Change The Ref, Michele Goodwin, Law Professor at University of California – Irvine, Secretary Jena Griswold,(D) Colorado Secretary of State, Irin Carmon, Senior Correspondent at New York Magazine, Dr. Tani Molhatra, OB/GYN- Maternal and Fetal Medicine at UH Cleveland Medical Center, Rep. Ilhan Omar (D-MN), Olivia Troye, Chief Political Strategist at Renew America Movement, Peter Beinart, MSNBC Political Analyst, and Aimee Allison, Founder & President of She The People.

In this episode of Inside Jobs, Abhik Mitra, Head of Portfolio Strategy at Code42, joins host Hillarie McClure to discuss how GRC and security can partner to reduce insider risk, as well as what a government-first approach is, why it's important, and more. Code42 is defining data security standards for the hybrid workforce. As the needs of workforces have evolved, so has Code42's data security and insider risk management solutions. To learn more about our sponsor, visit https://code42.com

Pushpendra Mehta meets with Craig Jeffery, Managing Partner of Strategic Treasurer, to review the latest treasury news and developments. Topics of discussion include global central banks ramping up inflation fight, the dollar riding high despite inflation, GTreasury collaborating with Moody's Analytics, banks gearing up to test real-time payments across borders, and insider risk and human error posing a huge security threat to organizations. 1:12 - Central banks lower curtain on era of minimal interest rates https://ctmfile.com/story/central-banks-lower-curtain-on-era-of-minimal-interest-rates 2:41 - US dollar rides high despite inflation spike https://ctmfile.com/story/us-dollar-rides-high-despite-inflation-spike-industry-roundup-tenth-may 7:00 - GTreasury pairs with Moody's Analytics https://ctmfile.com/story/us-dollar-rides-high-despite-inflation-spike-industry-roundup-tenth-may 9:34 - Banks preparing to test real-time cross-border payments https://ctmfile.com/story/rise-in-suspicious-crypto-activity-industry-roundup-4-may-2022 11:42 - Insider risk and human error pose grave security threat to organizations https://ctmfile.com/story/insider-risk-and-human-error-pose-grave-security-threat-to-organizations

Data breach disclosures surge 14% in Q1 2022 Windows 11 tool to add Google Play secretly installed malware DHS investigators say they foiled cyberattack on undersea internet cable in Hawaii Thanks to our episode sponsor, Code42 Have you been thinking about launching an Insider Risk Management program? You don't need to be Big Brother to effectively address Insider Risk.    Code42 believes that the Three Ts should define any IRM program: transparency, training, and technology. Shift your security culture from “watchdog” to “guide dog” and everyone wins. Learn more at Code42.com/showme. For the stories behind the headlines, head to CISOseries.com.

New Meta information stealer distributed in malspam campaign NB65 group targets Russia with a modified version of Conti's ransomware Elon Musk unveils vision for Twitter after joining board Thanks to our episode sponsor, Code42 Have you been thinking about launching an Insider Risk Management program? You don't need to be Big Brother to effectively address Insider Risk.    Code42 believes that the Three Ts should define any IRM program: transparency, training, and technology. Shift your security culture from “watchdog” to “guide dog” and everyone wins. Learn more at Code42.com/showme. For the stories behind the headlines, head to CISOseries.com.

Russian secret police exposed in data leak MailChimp hit with breach The Bureau of Cyberspace and Digital Policy goes live Thanks to our episode sponsor, Code42 Have you been thinking about launching an Insider Risk Management program? You don't need to be Big Brother to effectively address Insider Risk.    Code42 believes that the Three Ts should define any IRM program: transparency, training, and technology. Shift your security culture from “watchdog” to “guide dog” and everyone wins. Learn more at Code42.com/showme.

In this CyberWire-X episode, host Dave Bittner chats with the judges of the Insider Risk Excellence Awards. The inaugural awards program, announced during last September's Insider Risk Summit, recognizes the best of the best in Insider Risk Management. They honor the work of individuals and organizations as they address Insider Risk in the most collaborative work environment we've ever seen. Judges Joe Payne, President and CEO, Code42 and Chairman, Insider Risk Summit and Wendy Overton, Director of Cyber Strategy and Insider Risk Leader, Optiv, talk about the growing Insider Risk problem, reveal the winners of each award category and pull back the curtain on how each of these Insider Risk trailblazers are making an impact. 

In this episode of Inside Jobs, Jadee Hanson, CISO & CIO at Code42, joins host Zack Hack to discuss a recent insider risk event that took place at Code42, including what happened, the next steps involved to remedy the situation, and more. Code42 is defining data security standards for the hybrid workforce. As the needs of workforces have evolved, so has Code42's data security and insider risk management solutions. To learn more about our sponsor, visit https://code42.com/

The rising adoption of digital processes in manufacturing has fundamentally changed how this sector does business. The increased reliance on digitization and network connectivity has sharpened the risks of company data exfiltration, intellectual property damages, and more, especially those stemming from insiders. Insider threat actors operate from a position of trust that allows them to circumvent security and evade detection for months, if not years. Manufacturing ranks among the top five industries with the highest reported insider breaches and privilege misuse. In Verizon's Data Breach Investigations Report, nearly 40% of the cybersecurity incidents in manufacturing traced to insiders, including partners and third-party vendors. The same report outlined 57% of database breaches to an insider within the organization. According to a CISA report, the manufacturing sector reported the highest number of insider attacks among companies in the critical infrastructure sector. These incidents can be perpetrated by employees of all ranks, contractors, third-party vendors, and partners resulting in severe damages to businesses of all sizes. IBM's annual Insider Threat report estimates the average cost of insider attacks rose by 31% in 2020 to $11.45 million from the previous two years, and the number of insider incidents climbed by 47%. Insider security breaches in manufacturing are now an impending reality requiring companies to safeguard themselves. This article dives deeper into the dynamics and challenges leading to the rise of insider incidents in manufacturing and ways to mitigate those.

In this episode of Inside Jobs, host Zack Hack is joined by Chrysa Freeman, Senior Security Instructional Content Designer at Code42, to discuss training and the role it plays in eliminating insider risk, Code42's recently launched Instructor™ Microlearning Solution for Insider Risk Reduction, and more. Code42 is defining data security standards for the hybrid workforce. As the needs of workforces have evolved, so has Code42's data security and insider risk management solutions. To learn more about our sponsor, visit https://code42.com/

In the leadership and communications section, Cybersecurity increasingly on audit committee agendas, CIO involvement in security grows as CEOs target risk reduction, How Poor Security Culture Leads to Insider Risk, and more!   Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw248

Dan Matthews, Director, Worldwide Sale Engineering from Constella Intelligence, will discuss the challenges with digital risk protection and how to protect your executives, employees, and corporate brand. In the Leadership and Communications section, Cybersecurity increasingly on audit committee agendas, CIO involvement in security grows as CEOs target risk reduction, How Poor Security Culture Leads to Insider Risk, and more!   Show Notes: https://securityweekly.com/bsw248 Visit https://securityweekly.com/constella to learn more about them!   Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Dan Matthews, Director, Worldwide Sale Engineering from Constella Intelligence, will discuss the challenges with digital risk protection and how to protect your executives, employees, and corporate brand. In the Leadership and Communications section, Cybersecurity increasingly on audit committee agendas, CIO involvement in security grows as CEOs target risk reduction, How Poor Security Culture Leads to Insider Risk, and more!   Show Notes: https://securityweekly.com/bsw248 Visit https://securityweekly.com/constella to learn more about them!   Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

In the leadership and communications section, Cybersecurity increasingly on audit committee agendas, CIO involvement in security grows as CEOs target risk reduction, How Poor Security Culture Leads to Insider Risk, and more!   Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw248

This is the audio-only version of our twice-weekly cyber security talk show, teissTalk.  Join us twice a week for free by visiting www.teiss.co.uk/talk  On this episode, we focus on the following news story; Shadow IT Alert: Half of Home Workers Buy Potentially Insecure Kit https://www.infosecurity-magazine.com/news/half-home-workers-buy-insecure-kit/  The panel discussion is titled “Rethinking your approach to insider risk” https://www.teiss.co.uk/teisstalk/rethinking-your-approach-to-insider-risk/  This episode is hosted by Jenny Radcliffe  https://www.linkedin.com/in/jenny-radcliffe-the-people-hacker-%F0%9F%8E%A4%F0%9F%8E%A7%F0%9F%A7%A0-85ba1611/   Our Guests are Nick Harris, Director of InfoSec and Cyber Resilience, Oxford Nanopore Technologies https://www.linkedin.com/in/harrisprofile/  Brian Reed, Cybersecurity Evangelist, Proofpoint https://www.linkedin.com/in/brianreed/ 

Microsoft's new Insider Risk Management features are a great addition to the security protections for businesses. However, this episode talks about the extent of monitoring you can do at the individual level and what this could do to the company/employee relationship. Source - https://docs.microsoft.com/en-us/microsoft-365/compliance/insider-risk-management-configure?view=o365-worldwide Be aware, be safe. Get ExpressVPN, Secure Your Privacy And Support The Show Become A Patron! Patreon Page *** Support the podcast with a cup of coffee *** - Ko-Fi Security In Five —————— Where you can find Security In Five —————— Security In Five Reddit Channel r/SecurityInFive Binary Blogger Website Security In Five Website Security In Five Podcast Page - Podcast RSS Twitter @securityinfive iTunes, YouTube, TuneIn, iHeartRadio,

In this episode of Inside Jobs, Jadee Hanson, CISO & CIO at Code42, joins host Hillarie McClure to discuss the three top macro trends she's seeing in cybersecurity, how they've led to insider risk management being crucial for security stacks, and more. Code42 is defining data security standards for the hybrid workforce. As the needs of workforces have evolved, so has Code42's data security and insider risk management solutions. To learn more about our sponsor, visit https://code42.com/

  Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe  

#27 In this week's podcast episode, guest Mike Miller joins host Melissa Crouch to chat about data protection and security solutions for businesses. They chat about realistic email scams they have received, insider risk, how your company may be susceptible, and they go over one of our favorite security solutions- Microsoft Endpoint Manager (MEM). Enjoy!

In this episode of Inside Jobs, Joe Payne, President and CEO at Code42, joins host Hillarie McClure to discuss intent vs. non-malicious insider risk activity, how you can keep your enterprise safe, and more. Code42 is defining data security standards for the hybrid workforce. As the needs of workforces have evolved, so has Code42's data security and insider risk management solutions. To learn more about our sponsor, visit https://code42.com/

ReverseRat is back and better, and it's sniffing at Afghanistan. LockBit wants $50 million from Accenture. When employees leave, do they take your data with them? (Survey, or rather, telemetry, says yes.) Unpatched Apex One instances are under active attack. PrintNightmare continues to resist patching. Google bans SafeGraph. Apple explains what's up with iCloud privacy. Caleb Barlow wonders if ransomware payments financing criminal infrastructure in Russia. Our guest is Oliver Rochford from Securonix on the notion of cyberwar. And the SynAck ransomware gang rebrands. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/156

Guest Joe Payne of Code 42 joins Dave to discuss insider risks Joe has a story about Frank Abagnale who's conned everyone one way or another, Dave's story is about a real estate scam conning a single mother of her life savings, and our Catch of the Day is from listener Michael with an "Extremely Urgent Attention Required" email. Links to stories: Confessions of a Famous Fraudster: How and Why Social Engineering Scams Work Real estate scam robs Florida mom of $63K in life savings Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Joe Payne is the CEO of Code42 Software, a leading data security company that focuses on reducing the risk of data leakage from insider threats. Joe is a seasoned executive with more than 20 years of experience and a proven track record leading high growth security and technology companies.  Joe engages personally in product strategy and direction, while growing and providing vision and guidance to a world-class team of security executives.  Previously, Joe served as CEO of eSecurity, the first SIEM software company and also served as the president of iDefense prior to its acquisition by VeriSign.  At iDefense, Joe led some of the best white-hat security researchers in the world and worked with the top financial institutions and government agencies in the United States to help improve their risk profile. During this interview we cover: 00:00 Postalitics, Stand Out With Direct Mail Automation 01:18 - Intro 02:30 - Joe's  Background & Past Positions & becoming an entrepreneur. 03:27 - Keep Going as a CEO or Founding a Startup? 05:00 - Code42 in Terms of Size 07:11 - INSYDER Risk & What is Endpoint Data Protection 16:22 - Data protection Makes Employees Feel Invaded? 19:94 - Main Threats to The End-Users 22:22 - Staying on Top of Evolving Threats 24:01 - Right Time to Invest In Data Security for Your SaaS 25:29 - The Challenges of Moving to Remote. 28:30 - Open Source, Security Data Tips For Founders Mentions: https://www.oracle.com/mx/cx/marketing/automation/?source=:ad:pas:go:eng:a_lad:71700000073369779-58700007096619161-p63856576743:RC_WWMK210421P00012C0003:MainAd&SC=:ad:pas:go:eng:a_lad::RC_WWMK210421P00012C0003:MainAd&gclid=Cj0KCQjw2tCGBhCLARIsABJGmZ7vFH5VUbI6btIg0NpkqPnOcO7UcY1QKiJFO8ljiKrJzQZHoXBck8YaAqIWEALw_wcB&gclsrc=aw.ds (Oracle Eloqua) https://www.code42.com/ (INCYDER) https://www.forcepoint.com/es/cyber-edu/shadow-it (Shadow IT) People: https://techcrunch.com/2016/11/20/harry-weller-a-midas-list-vc-and-the-head-of-neas-east-coast-practice-has-passed-away/ (Harry Weller ) Get In Touch With Joe: https://www.linkedin.com/in/paynejoe/ (Joe Payne's Linkedin) Tag us & follow: https://www.facebook.com/HorizenCapitalOfficial/ (Facebook)  https://www.linkedin.com/company/horizen-capital (LinkedIn)  https://www.instagram.com/saasdistrict/ (Instagram)  More about Akeel: Twitter - https://twitter.com/AkeelJabber (https://twitter.com/AkeelJabber) LinkedIn - https://linkedin.com/in/akeel-jabbar (https://linkedin.com/in/akeel-jabbar) More Podcast Sessions - https://horizencapital.com/saas-podcast (https://horizencapital.com/saas-podcast)

In this episode of Inside Jobs, Joe Payne, President and CEO at Code42, joins host Hillarie McClure to discuss the difference between insider risk and insider threat. Code42 is defining data security standards for the hybrid workforce. As the needs of workforces have evolved, so has Code42's data security and insider risk management solutions. To learn more about our sponsor, visit code42.com/

All links and images for this episode can be found on CISO Series https://cisoseries.com/defense-in-depth-insider-risk/ By just doing their jobs, your employees are introducing risk to the business. They don't mean to be causing issues, but their simple actions and sometimes mistakes can cause great harm. Is it their fault, or is it security's fault for not creating the right systems? Check out this post for the basis for our conversation on this week’s episode which features me, David Spark (@dspark), producer of CISO Series, co-host, Steve Zalewski, CISO, Levis, and our sponsored guest Mark Wojtasiak (@markwojtasiak), vp, portfolio strategy & product marketing, Code42 and author of Inside Jobs: Why Insider Risk is the Biggest Cyber Threat You Can't Ignore. Thanks to our podcast sponsor, Code42 Redefine data security standards for the hybrid workforce. Check out Code42. In this episode: Distractions and fatigue causing split-second mistakes The need for tailored education and training Making it easier for people to make the right choice Identify ways damage could happen, in order to mitigate

Throughout the course of this podcast series, we've had an abundance of great conversations with our colleagues at Microsoft about how they're working to better protect companies and individuals from cyber-attacks, but today we take a look at a different source of malfeasance: the insider threat. Now that most people are working remotely and have access to their company's data in the privacy of their own home, it's easier than ever to access, download, and share private information. On today's episode, hosts Nic Fillingham and Natalia Godyla sit down with Microsoft Applied Researcher, Rob McCann to talk about his work in identifying potential insider risk factors and the tools that Microsoft's Internal Security Team are developing to stop them at the source.  In This Episode, You Will Learn: The differences between internal and external threats in cybersecurity  Ways that A.I. can factor into anomaly detection in insider risk management  Why the rise in insider attacks is helping make it easier to address the issue Some Questions We Ask: How do you identify insider risk?  How do you create a tool for customers that requires an extreme amount of case-by-case customization?  How are other organizations prioritizing internal versus external risks? Resources: Rob McCann's Linkedin Rob McCann on Uncovering Hidden Risk Insider Risk Blog Post Microsoft Security Blog Nic's LinkedIn Natalia's LinkedIn Related: Listen to: Afternoon Cyber Tea with Ann Johnson Listen to: Security Unlocked: CISO Series with Bret Arsenault  Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network. 

What are insider threats and is there something companies do to prevent data and information breaches? Joe Payne, CEO of Code42 Software talks about why organizations should have an insider risk program in place, the role of training in preventing breaches, and some red-flags companies should look out for.

This episode talks about the Insider Risk.  After listening to this podcast please visit Action Fraud, National Cyber Security Centre and the West Midlands Cyber Protect Website for more guidance on all things relating to online Security.   www.actionfraud.police.ukwww.ncsc.gov.ukwww.wmcyber.org Our host is Mathew Hough-Clews and can be found at sp_digitalpcso. Also covering the West Midlands is Sean Long – WMPDigitalPCSO and covering Warwickshire and West Mercia Police areas is James Squire - cyberpcso. To attend other events provided by the RCCU please see below.·        Are you prepared for a Cyber Attack? ·        Got questions about Cyber Crime?·        Can you spot a phishing Email?To contact us please email us at wmcyber@west-midlands.pnn.police.uk.

Episode 7 of the podcast covers insights into current trends in commercial sector Insider Risk, stemming from the remote workforce & COVID19. •Intro (00:22) •Question 1 (01:05) – Does the current climate set us at increased exposure to Insider Risk? What elements of the Pandemic have led to that? •Question 2  (02:41) – How much of this has to do with the increased/imposed remote aspect of the workforce? And does this change in the status quo have any other impacts? •Question 3  (07:23) – For companies with an existing insider risk program, what are changes that they should consider making with the changes in work-dynamic? •Question 4  (09:25) – If I'm a company that doesn't already have an Insider Risk program in place, where should I start now? •Question 5  (12:12) – When all of this ends, and the workforce starts to come back, what should companies be worried about? •Recap & Key Takeaways (14:19)