Defense in Depth: Insider Threats

Is your own staff the greatest threat to the security of your company? On this episode of Defense in Depth we discuss protecting your business from itself.


Check out this post and discussion for the basis of our conversation on this week’s episode which is co-hosted by me, David Spark (@dspark), the creator of CISO Series and Allan Alford (@AllanAlfordinTX), CISO at Mitel. Our guest is Vijay Bolina (@_jamesbaud_), CISO, Blackhawk Network.

Subscribe to Defense in Depth.

Got feedback? Join the conversation on LinkedIn.

Thanks to this week’s podcast sponsor, Fluency Security:

Fluency’s correlation and risk scoring technology combined with their approach of using pseudonyms in place of certain PII data greatly facilitates your organization’s path towards compliance. Over time, machine learning and artificial intelligence algorithms detect anomalies at an impressive level of scalability. Run Fluency as a standalone or integrate it into your existing SIEM. Learn more by visiting us at booth #4529 at the RSA® Conference 2019.

On this episode of Defense in Depth, you’ll learn:

  • Nearly 1 in 5 people would sell their health record for $500. (source)
  • Insider threat mistakes can take many forms. It could be someone carelessly leaving a USB key somewhere or it could be a developer simply not securing their code.
  • Security people make mistakes just like non-security people. Difference is when a security person makes a mistake, chances are the gravity of the damage will be much higher.
  • A breach doesn’t necessarily have to damage the company. A breach simply means data left your protected area of the business. And that is still bad even if there was no actual damage.

Defense in Depth

David Spark
David Spark is the founder of CISO Series where he produces and co-hosts many of the shows. Spark is a veteran tech journalist having appeared in dozens of media outlets for almost three decades.