From insider threat to insider asset: a practical guide

Friday 6 October 12:00 - 12:30, Green room

Kristin Leary (Forcepoint)
Richard Ford (Forcepoint)

Over the last few years it has become painfully obvious that perimeter defences provide inadequate controls against threats that are already extant within the network. This realization has driven significant growth in the field of 'Insider Threat Protection', and adoption of a broad set of defences based upon monitoring and analytics. While we understand the value of this approach, our contention is that when all we focus on is technology, we create an adversarial and negative-incentive-based relationship between employee and employer, thereby failing to address (or even exacerbating) some of the foundational drivers for certain types of damaging insider behaviour.

In this talk, we focus on what we believe to be the most effective way to mitigate insider threats: the fusing of technology with a modern and people-centric approach to proactive insider risk prevention. The simple truth, backed by considerable research, is that employees who feel engaged and valued in their jobs – those who are motivated by positive enforcement as well as negative consequence – present a significantly lower organizational risk. This incredibly important fact is oft overlooked, leaving an important tool in the risk management process unused.

Our belief that the insider threat is best managed from human capital and technology partnership is sufficiently strong that we present this session from the perspective of both human resources and technology executives, sharing the presentation just as we feel companies must share the ownership, construction, and management of a forward-looking insider threat program. The level of collaboration required far exceeds tangential contact at the borders of responsibility, but instead should enable a nuanced, positive, and people-centric approach to a challenging problem. To this end, we present this talk as a team, working in partnership both to enable employees and protect critical data, and provide real-world guidelines for the rollout of such a program. 



Kristin M. Leary

Kristin Machacek Leary serves as Chief Human Resources Officer for Forcepoint. She has more than 25 years of progressive leadership and human resources experience, including executive and leadership development, workforce planning, organizational development, talent and performance management and employee recruitment and retention.

Before joining Forcepoint, Leary was the Chief Human Resources Officer at Alphatec Spine. Previously, Leary held HR leadership roles at Quintiles, Hewlett-Packard and Boston Scientific. Prior to 1996 Ms. Leary held senior management roles within Human Resources at Dayton-Hudson Corporation, Select Comfort Corporation, and Andcor Companies.

Leary holds a Bachelor of Arts degree in organizational communications & English from Concordia College.



Dr Richard Ford

Dr Richard Ford is the Chief Scientist for Forcepoint, overseeing technical direction and innovation throughout the business. He brings over 25 years’ experience in computer security, with knowledge in both offensive and defensive technology solutions. During his career, Ford has held positions with Virus Bulletin, IBM Research, Command Software Systems and NTT Verio. He has also worked in academia, having held an endowed chair in computer security, and worked as Head of the Computer Sciences and Cybersecurity Department at the Florida Institute of Technology. He holds a Bachelor’s degree, Master’s degree and D.Phil. in physics from the University of Oxford.






Other VB2017 papers

Keynote address: Inside Cloudbleed

John Graham-Cumming (Cloudflare)

In February 2017, Cloudflare was revealed to have been leaking private information including HTTP headers, cookies and POST data…

Mariachis and jackpotting: ATM malware from Latin America

Thiago Marques (Kaspersky Lab)

Fabio Assolini (Kaspersky Lab)

Of all the forms of attack against financial institutions in the world, the ones that are most likely to combine traditional…

Walking in your enemy's shadow: when fourth-party collection becomes attribution hell

Juan Andres Guerrero-Saade (Kaspersky Lab)
Costin Raiu (Kaspersky Lab)

Attribution is complicated under the best of circumstances. Sparse attributory indicators and the possibility of overt…

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.