We want to trust our employees and contractors working within our organizations. For the most part, people are doing their jobs with integrity every day. What happens when an employee decides to leave the organization and start their own business – with our Intellectual property or customer lists? Or when an employee downloads material to work at home? Join this podcast to learn how to build an insider risk program to mitigate these threats.
To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/04/CISOCOMPASS_Dawn_Cappelli_Article.pdf
Cappelli, D. 2019. Mitigate the Risk of Insiders Stealing Company Confidential Information. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 187. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald.
This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them!Full Episode Show Notes
Dawn Cappelli - VP Global Security and CISO at Rockwell Automation
Dawn Cappelli is Vice President, Global Security and Chief Information Security Officer at Rockwell Automation. She is responsible for developing and executing a holistic cybersecurity strategy to ensure that Rockwell Automation and the Connected Enterprise Ecosystem – the company’s infrastructure, products, and customers - is safe, secure, and resilient. She is also responsible for Global Security programs, including physical security, executive protection, workplace violence prevention, and crisis management. Cappelli became CISO in 2016. She came to Rockwell Automation in 2013 as Director, Insider Risk, and built the company’s Insider Risk Program to mitigate threats from individuals within the company or trusted third parties who might steal information, sabotage infrastructure or products, or violate physical security controls. The Rockwell Automation Insider Risk Program was awarded the Global Team Leadership award by the Society of Women Engineers in 2016. Before Rockwell Automation Cappelli was Founder and Director of Carnegie Mellon’s CERT Insider Threat Center, where she was recognized as one of the world's leaders in insider threat mitigation, and has worked with government and industry leaders on national strategy issues. Before that she developed software for nuclear power plants for Westinghouse, and for Carnegie Mellon. She co-authored the book "The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud)”, which was inducted into the Cybersecurity Canon - a list of must-read books for all cybersecurity practitioners. Cappelli is a Certified Information Systems Security Professional (CISSP). She holds a BS in Computer Science and Mathematics from the University of Pittsburgh, is co-founder of the Open Source Insider Threat (OSIT) information sharing group, and is a member of the RSA Conference Advisory Board and Program Committee, the Cybersecurity Collaborative Executive Committee, and the CyberWire Hash Table. She was honored as a member of the 2020 Global CISO 100 and was named Pittsburgh CISO of the Year in 2018.
Todd Fitzgerald - Vice President, Cybersecurity Strategy at Cybersecurity Collaborative
Todd Fitzgerald has built information Fortune 500/large company security programs for 20 years. Todd serves as VP, Cybersecurity Strategy and Chairman of the Cybersecurity Collaborative Executive Committee, was named 2016–17 Chicago CISO of the Year, ranked Top 50 Information Security Executive, authored 4 books including #1 Best Selling and 2020 CANON Hall of Fame Winner CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers (2019), ground-breaking CISO Leadership: Essential Principles for Success, as well as contributions to a dozen others. Todd held senior leadership positions at Northern Trust, Grant Thornton International, Ltd, ManpowerGroup, WellPoint (Anthem) Blue Cross Blue Shield/ National Government Services, Zeneca/Syngenta, IMS Health and American Airlines.