#208 - Insider Threat (with Shawnee Delaney)

This podcast episode of CISO Tradecraft features Shawnee Delaney, an insider threat expert, discussing insider threats in cybersecurity. Delaney, whose background includes espionage, explains how understanding human motivation and vulnerabilities is crucial for identifying and mitigating insider threats. The conversation highlights the importance of organizational culture, employee well-being, and proactive measures like employee lifecycle management and psychological testing in preventing such threats. Practical advice is offered for leaders to foster a supportive and communicative work environment to detect potential threats early. Finally, methods for creating effective insider threat programs and addressing cultural issues are explored.

Shawnee Delaney's LinkedIn - https://www.linkedin.com/in/shawnee-delaney/

Vaillance Group - https://www.vaillancegroup.com/

Transcripts: https://docs.google.com/document/d/1xJiEMDL8CjNwwfBSvNHfnhfsrVgOMuk0

Chapters

• 00:00 Introduction to Insider Threat
• 00:26 Guest Introduction: Shawnee Delaney
• 00:58 CruiseCon 2025 Announcement
• 01:33 Shawnee's Career Journey
• 02:18 Understanding Espionage
• 03:43 Motivations Behind Espionage
• 07:46 Indicators of Insider Threat
• 10:48 Building a Positive Organizational Culture
• 18:21 Implementing an Insider Threat Program
• 21:05 Psychological Testing in Hiring
• 23:26 Assessing Organizational Culture
• 25:34 Core Values in the Navy and Marine Corps
• 26:16 A Commanding Officer's Story
• 28:32 Identifying Insider Threats
• 32:01 The Impact of Job Uncertainty
• 36:50 Gamifying Security Incentives
• 39:12 Building a Strong Security Culture
• 42:05 Final Thoughts and Recommendations