Insider Risk Advisory

Every security team needs budget, time, and resources to succeed. We provide security expertise, technical resources and program development guidance to maximize insider risk reduction.

Customer Toolkit Home get started

Meet Our Team

Our veteran Insider Risk Advisory team has 4 CISSPs and 100 years of collective experience in the security industry, with specialties in Insider Risk Management program development, data loss prevention, user behavior analytics, security incident and event management, application security and endpoint security.

John Stuart

Director of Insider Risk Advisory

John joined Code42 in early 2018 and currently leads a team of security professionals who advise security teams on how to develop and mature their insider risk programs through security framework alignment and process automation.

As a cybersecurity professional for over 10 years, John has helped many organizations develop and mature programs designed to mitigate Insider Risk. In addition, he has led several large digital transformation projects for clients with a "security first" focus.

Jake DeWoskin

Director of Insider Risk Engineering

Jake has a strong professional background in IT-related engineering, cyber-security, client relationship management, sales, project design. With nearly 26 years of diverse experience in information technology communications and services, Jake has acquired strong team development and management skills.

In his work at Code42, Jake is currently focused on cybersecurity Insider Risk knowledge management, centered around strategic leadership, security ecosystem, risk and security assessment, client relationship management and team leadership. With this expertise, Jake leads Insider Risk Engineering with a dedication to helping security teams structure Insider Risk solutions for risk quantification, detection, response and recovery.

Clea Ostendorf

Senior Insider Risk Advisor

Clea has been in the security and IT space for the last 8 years where she’s helped support Fortune 100 companies to start-ups build effective and innovative programs. Prior to Code42 Clea worked in the application security space and helped influence the user experience of a Secure Coding Training Platform.

Clea believes in finding ways to approach security problems with a focus on the human element. She is active in the security community, having held roles on the MN ISSA Chapter Board and started a Women in Security group for ISSA.

Andrew Shea

Senior Insider Risk Advisor

Andrew has been working in cybersecurity for twenty years Co-authoring the BISRA risk methodology, he has worked extensively with CISO's across the globe to help them develop financially centric risk management capabilities. Andrew has worked on global deployments of EDR, Endpoint Security, Network Security, DLP, Server Security, Application Security and SIEM platforms. Andrew has successfully helped organizations map the security controls to a variety of security program models and compliance requirements.

Learn more from Andrew:

Jeremy Johnson

Senior Insider Risk Engineer

Jeremy has over 12 years of experience in IT security, during which he has gained experience expanding and securing branch office infrastructure by deploying and provisioning network gear, applications systems and software, and endpoint security policy. His strong background in LogRhythm SIEM deployment and provisioning contributes to his expertise in high availability (HA) and disaster recovery (DR) deployments.

With experience working beside multiple SOC analyst teams he has gained extensive knowledge on how to best create alerts and visualizations based on organizations' specific needs which he enjoys sharing with security teams who are implementing and optimizing their Insider Risk posture.

Alessandro Paolini

Insider Risk Engineer

As a Insider Risk Engineer at Code42 he assesses and recommends solutions based on Incydr. While also influencing innovation and change between the Customer Success, Security, and the Product Management/Development Teams, Alessandro offers a unique perspective on why Incydr is at the forefront of industry security standards and customer needs. With 20+ years’ of experience as a Security/IT Professional, he has worked with a wide variety of companies spanning small businesses to enterprise organizations. Alessandro's strong analytical and problem solving skills drive his ability to build meaningful and professional relationships.

Garry Cowman

Senior Insider Risk Engineer

Garry brings over 15 years of expertise working across IT and Security, most recently as a Senior Security Consultant at Optiv Security, to Code42 Security Advisory. Rooted in his passion for customer success, building relationships and ensuring businesses get the most value out of the technologies they leverage, Garry has helped many organizations deploy and operationalize their Insider Risk Management, SIEM, UEBA and SOAR platforms. Outside of work, Garry enjoys hanging out with his family and fly fishing.

Insider Risk Maturity Assessment

This service is for the security leader who wants to reduce data risk by jump-starting their Insider Risk program while utilizing technology investments already made. In just two meetings, our Insider Risk Advisors will complete your Insider Risk Maturity Assessment, covering the topics of:

  • Legal and program policies, governance, and agreements
  • Employee lifecycle
  • Insider Risk tools and processes, including access, monitoring, and security controls

You'll walk away with:

  • A sound understanding of you organization's current Insider Risk maturity and what that means
  • Executive recommendations on Insider Risk competencies and gaps
  • Best practice recommendations on common policies and controls impacting Insider Risk maturity
  • Detailed technical and programmatic action plan on how to best utilize your security stack to mitigate Insider Risk

Interested in an Insider Risk Maturity Assessment?