Exposing Insider Threats: Expert Secrets from Cyber Risk Expert

https://is1-ssl.mzstatic.com/image/thumb/Podcasts122/v4/83/01/0d/83010d06-096a-9281-d806-69d503227a43/mza_12837184525763599952.jpeg/600x600bb.jpg

The Core Podcast

Core To Cloud

76 episodes

3 months ago

Cyber threats pose a constant challenge to businesses and individuals worldwide. These threats range from seemingly innocuous phishing attempts to complex ransomware attacks and highly orchestrated data breaches that result in the exposure of sensitive data. Join industry experts and leaders as we unpack the latest security challenges we face and explore how we can work together to address them. In this podcast, powered by Core to Cloud, discover the interconnected issues facing industries around the world and learn about potential solutions.

Hosted on Acast. See acast.com/privacy for more information.

Technology

RSS

All content for The Core Podcast is the property of Core To Cloud and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Hosted on Acast. See acast.com/privacy for more information.

Technology

https://assets.pippa.io/shows/6322e89b85cb8e0011f0d773/1709640462606-9fd6c7311c5e308fe33b3554db070839.jpeg

Exposing Insider Threats: Expert Secrets from Cyber Risk Expert

The Core Podcast

1 hour 9 minutes 18 seconds

1 year ago

Exposing Insider Threats: Expert Secrets from Cyber Risk Expert

Summary

Join Kelly as she sits down for an illuminating conversation with none other than James Moncrieff, the Global Cyber Risk Lead at GFK, who shares his journey from being a police officer to transitioning into the information security field. The two discuss James' childhood dream of becoming a firefighter and how he accidentally ended up in the police force. James also highlights his challenges in entering the cybersecurity industry and the importance of persistence and self-belief.

In this conversation, James discusses the importance of understanding the risk of shadow IT and the need to shift from a culture of exception to accountability in cybersecurity. He highlights the complexity of insider threats and the different types of insiders that businesses must be aware of. James also stresses the limitations of security controls and the importance of preventing small attacks from escalating. He explains the role of human intelligence in cybersecurity and the process of sanitising intelligence for protection.

Finally, we explore the importance of creating a culture of trust and protection and the opportunities available in cybersecurity.

Chapters

00:00 The Journey from Law Enforcement to Cybersecurity

16:36 The Power of Persistence and Self-Belief in Career Transition

27:07 Stepping Outside Your Lane: Understanding Security Principles

33:55 The Strategic Role of GRC in Cybersecurity

34:25 The Foundation of InfoSec: GRC Work and Risk Management

36:21 Navigating Insider Threats and Human Intelligence in Cybersecurity

01:04:09 Embracing Diversity and Unique Backgrounds in InfoSec

Takeaways

Transitioning from law enforcement to information security can be challenging, requiring persistence and self-belief.
Diversity in problem-solving and different perspectives can lead to innovative solutions in the cybersecurity field.
Understanding security principles and stepping outside one's lane can enhance the effectiveness of security professionals.
The role of GRC (Governance, Risk, and Compliance) in cybersecurity goes beyond checklists and policies, requiring a broader understanding and strategic approach. GRC work is the foundation of InfoSec, encompassing risk management, governance, policies, and coordination of security development.
Understanding the impact of systemic issues on the business is crucial for effective risk management and security posture.
Insider threats are complex and can range from accidental to malicious, requiring a nuanced approach to detection and prevention.
Human intelligence plays a vital role in cybersecurity, and a process to protect and utilize intelligence from individuals on the ground is needed.
Diversity in InfoSec is essential, and individuals with unique backgrounds and skills bring valuable perspectives and problem-solving abilities to the industry.

Keywords

cybersecurity, career transition, police officer, persistence, self-belief, diversity, problem-solving, security principles, GRC, challenges, GRC work, risk management, governance, policies, vulnerability management, security development, SOC, insider threats, human intelligence, cybersecurity, diversity, unique backgrounds, InfoSec

Hosted on Acast. See acast.com/privacy for more information.