How to Effectively Balance Insider Risk and Employee Privacy

This podcast interview session addresses how to create an insider threat/insider trust program that mitigates insider risks while respecting employee's privacy rights. Best practices and advice for starting a new insider threat program will be shared.

Questions Corey will ask speakers:

1) To help those who are just starting to create an insider threat/insider trust program within their company, what are some available resources that you would recommend checking out?
2) What are some insider threat/insider trust best practices that you have found to be invaluable when standing up a program?
3) How does a company create an insider threat/insider trust program that is effective at mitigating insider risks while simultaneously respecting employee's privacy rights? Can it be done?
4) What future changes do you anticipate in the world of insider risk management in relation to tools, regulations, processes, etc. in the next 5 years?
5) Should an insider threat/insider trust program be a discreet or very public function? Can you explain why you feel the way that you do?

Moderator: 
@Corey Reitz - Distinguished Cyber Assurance Architect, Sandia National Laboratories 

Speakers:
@Joshua Smith - Senior IT Security Analyst, Ogletree Deakins
Michael Theis - Chief Engineer & Assistant Director for Research, National Insider Threat Center, CERT/SEI, Carnegie Mellon University
​
Recorded on 01-18-2023​