CISO Tradecraft®

#208 - Insider Threat (with Shawnee Delaney)

Nov 25, 2024

Shawnee Delaney, an insider threat expert with a background in espionage, shares her insights into cybersecurity's human elements. She highlights how understanding motivation is vital for detecting insider threats and stresses the importance of cultivating a positive organizational culture. Delaney discusses proactive strategies like psychological testing in hiring and employee lifecycle management. She also offers practical advice for leaders to foster open communication and build effective insider threat programs, drawing parallels from military core values.

45:25

Creator website

Episode guests

Shawnee Delaney

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Understanding human motivation and vulnerabilities is essential for identifying and mitigating insider threats within organizations.

Fostering a positive organizational culture through open communication and employee engagement can significantly reduce the risk of insider threats.

Deep dives

Understanding Insider Threats

Insider threats pose significant risks to organizations and often go unnoticed until the damage is done. McCarthy emphasizes that insider threats can arise from disgruntlement or disaffection of employees who may seek to exploit their position for personal gain or out of resentment. The podcast discusses how such threats often stem from individuals feeling undervalued or overlooked in their work settings, highlighting the importance of monitoring employee engagement and morale. Identifying potential insider threats requires understanding the motivations and vulnerabilities of employees, reinforcing the need for a proactive approach in managing human risk within organizations.

Intro

2min

From Espionage to Insider Threats

9min

Fostering a Culture of Trust in Cybersecurity

25min

Innovative Approaches to Security Culture and Engagement

5min

Leadership Dynamics and Team Culture via Cinematic Parallels

2min

Building a Comprehensive Human Risk Management Program

3min

This podcast episode of CISO Tradecraft features Shawnee Delaney, an insider threat expert, discussing insider threats in cybersecurity. Delaney, whose background includes espionage, explains how understanding human motivation and vulnerabilities is crucial for identifying and mitigating insider threats. The conversation highlights the importance of organizational culture, employee well-being, and proactive measures like employee lifecycle management and psychological testing in preventing such threats. Practical advice is offered for leaders to foster a supportive and communicative work environment to detect potential threats early. Finally, methods for creating effective insider threat programs and addressing cultural issues are explored.

Shawnee Delaney's LinkedIn - https://www.linkedin.com/in/shawnee-delaney/

Vaillance Group - https://www.vaillancegroup.com/

Transcripts: https://docs.google.com/document/d/1xJiEMDL8CjNwwfBSvNHfnhfsrVgOMuk0

Chapters