No Insider Cybersecurity Risk? Guess Again! – Dawn Cappelli – CSP #19
We want to trust our employees and contractors working within our organizations. For the most part, people are doing their jobs with integrity every day. What happens when an employee decides to leave the organization and start their own business – with our Intellectual property or customer lists? Or when an employee downloads material to work at home? Join this podcast to learn how to build an insider risk program to mitigate these threats.
To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/04/CISOCOMPASSDawnCappelli_Article.pdf
Cappelli, D. 2019. Mitigate the Risk of Insiders Stealing Company Confidential Information. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 187. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald.
This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them!
Guest
Dawn Cappelli is Vice President, Global Security and Chief Information Security Officer at Rockwell Automation. She is responsible for developing and executing a holistic cybersecurity strategy to ensure that Rockwell Automation and the Connected Enterprise Ecosystem – the company’s infrastructure, products, and customers – is safe, secure, and resilient. She is also responsible for Global Security programs, including physical security, executive protection, workplace violence prevention, and crisis management. Cappelli became CISO in 2016. She came to Rockwell Automation in 2013 as Director, Insider Risk, and built the company’s Insider Risk Program to mitigate threats from individuals within the company or trusted third parties who might steal information, sabotage infrastructure or products, or violate physical security controls. The Rockwell Automation Insider Risk Program was awarded the Global Team Leadership award by the Society of Women Engineers in 2016.
Before Rockwell Automation Cappelli was Founder and Director of Carnegie Mellon’s CERT Insider Threat Center, where she was recognized as one of the world’s leaders in insider threat mitigation, and has worked with government and industry leaders on national strategy issues. Before that she developed software for nuclear power plants for Westinghouse, and for Carnegie Mellon. She co-authored the book “The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud)”, which was inducted into the Cybersecurity Canon – a list of must-read books for all cybersecurity practitioners.
Cappelli is a Certified Information Systems Security Professional (CISSP). She holds a BS in Computer Science and Mathematics from the University of Pittsburgh, is co-founder of the Open Source Insider Threat (OSIT) information sharing group, and is a member of the RSA Conference Advisory Board and Program Committee, the Cybersecurity Collaborative Executive Committee, and the CyberWire Hash Table. She was honored as a member of the 2020 Global CISO 100 and was named Pittsburgh CISO of the Year in 2018.
Host
Todd Fitzgerald promotes CISO/CPO leadership via the SCMedia CISO STORIES weekly podcast, advisory board participation, and international speaking engagements. Todd serves as VP, Cybersecurity Strategy, Cybersecurity Collaborative. Todd authored 5 books, including #1 New Release (2024) Privacy Leader Compass: A Comprehensive Roadmap for Building and Leading Practical Privacy Programs, and #1 Best-selling (2019-2023) and 2020 CANON Cybersecurity Hall of Fame book, CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers. Named 2016–17 Chicago CISO of the Year, Todd’s senior leadership positions include Northern Trust, Grant Thornton International, Ltd, ManpowerGroup, Wellpoint/National Government Services, Zeneca/Syngenta, IMS Health and American Airlines.