Code42 News

Tuning In On Insider Risk at Blackhat 2021

5 min Read

Riley Bruce

Security Community Evangelist Manager

BlackHat USA trainings are already underway. Thousands of people are either in, on their way to Las Vegas, or tuning in remotely to join other cybersecurity professionals to learn, connect, and let their hair down a little. For many, it’s the first hybrid event opportunity in what feels like a lifetime – and we are so excited to reconnect with BlackHat attendees whether that’s virtually or in person at booth #1467 at Mandalay Bay.

Since we are a company focused on Insider Risk Management, and this post is hosted on our blog, we’ll wager that many of you reading this are also interested in mitigating Insider Risk/Threat within your organization. So, we did some due diligence and put together a special ‘Insider Track’* highlighting the briefings that seem most relevant to Insider Risk.

BlackHat USA 2021 Briefings relevant to Insider Risk Management

  1. A Data Protection Problem: Insider Risk
    Speakers are Rob Juncker and Mark Wojtasiak
    This one is a gimme. In this on-demand session Code42’s own will discuss what Insider Risk is, the problem that Insider Risk Management solves for organizations, and how Code42 can help solve that problem. The session is available on-demand throughout the conference so, if you’re interested in Insider Risk and have a spare 15 minutes, we’d recommend checking it out.
  2. Deepfake Social Engineering: Creating a Framework for Synthetic Media Social Engineering
    Speaker is Matthew Canham
    Social engineering (specifically vishing) leveraging deepfake technology is on the rise. In this session the presenter will lay out a framework for classifying and employing countermeasures against these attacks. Given that the attack surface with these threats is your user-base, the connection to Insider Risk seems to make itself. This session will offer you practical examples of countermeasures you can deploy and educate your users on to better protect your organization against deepfake-elicited data exfiltration.
  3. Action Bias and the Two Most Dangerous Words in Cybersecurity
    Speakers are Josiah Dykstra and Douglas Hough
    This session will focus on “action bias and when immediate action is appropriate and when it is counterproductive.” As Insider Risk managers, it’s often tempting to take action immediately and block an activity or try to put a new safeguard in place which may inadvertently prevent productivity. This session will dig into when to act with a right-sized-response and when to let things play themselves out. While not explicitly related to Insider Risk incidents, this session in the Human Factors and Community tracks should be very valuable.
  4. The Ripple Effect: Building a Diverse Security Research Team
    Speakers are Oryan De Paz and Omer Yair
    Insider Risk Management is as much a cultural shift as it is a technical one. Study after study has shown that having a more diverse and inclusive work culture results in greater profits and productivity, but also, and importantly to Insider Risk managers, leads to a more cohesive and security-aware culture. As noted in the session abstract “there <was> no… toxic culture of any kind on our core team.” The speakers will be sharing “tools for team members, leaders, and upper management alike” which have “improved our R&D team atmosphere and deliverables.” Sounds like a great way to minimize risk through a collaborative, aware culture.

That’s far from an exhaustive list of the cross-functional sessions that could apply to Insider Risk but in our browsing of the briefings, these are the ones that seemed to be the best fit for our impromptu track.

Join us at the Insider Risk Summit

If that doesn’t feel like enough Insider Risk focused content and/or you’re in the market for another conference altogether; register now to join us and the rest of the Insider Risk Summit™ team at Insider Risk Summit 2021.

The Insider Risk Summit, the industry’s leading conference on Insider Risk Management (IRM), brings together security leaders and practitioners and industry experts to  learn, interact and share best practices in the IRM space. More than just one moment in time – the Insider Risk Summit is a community of organizations and security professionals that understand collaboration, productivity and enablement of users while meeting data security challenges. In its inaugural year in 2020, more than 2,000 security professionals registered for the event, which is held annually in September during Insider Threat Awareness month. For the most up-to-date news about the Insider Risk Summit and the IRM community, go to www.insiderrisksummit.com or follow along on Twitter.

*Does this count as a pun? Let us know your opinion on twitter by commenting or posting @Code42 if you see this. Also, if you mention this post in-person at booth #1467, you’ll win some extra swag.

Riley Bruce

Riley is a Security Community Evangelist Manager at Code42 where he enjoys educating Security and IT teams through engaging technical content and presentation. Previously, Riley served in both customer support and customer education roles at Code42. In his spare time, he enjoys photography, travel and relaxing at the lake in northern Wisconsin with his pug Mimi.