Name: Stewart Draper
Title: Global Insider Threat Program Manager, Citi Group
Why: Nominated: Stewart Draper has participated in a number of programs, efforts and initiatives geared around information security risk reduction.
Through mentoring efforts, Stewart has been able to directly help organizations socialize awareness and insider threat needs to C-Suite level executives. The result of these mentoring relationships has been financial savings in the form of better preparing organizations, reduction in risk associated with reputation and brand damage and decision making in technology investments.
Stewart was a contributing member to ICIT where he was involved in the creation of publications, discussions with members around information security risks and educating those involved in specific threat topics. Hundreds of participants over a year-long duration were in attendance (in-person) to learn about these topics and thousands more have listened to Podcasts, watched videos and downloaded documentation. The knowledge gained from audience members were taken back to their organizations to aid in overall risk reduction.
Stewart has been a keynote speaker at many security conferences. Most recently talking around the topic of behavioral analysis and insider threat risk at the FS-ISAC community meeting. Past keynote speaking engagements have also included HP Protect and CISO summits. During these speaking engagements, Stewart has been able to raise awareness to the concern and threats associated with insider risks and actions. Educating participants on how to create a culture of information security aware and engaged workforce. Speaking engagements have been to hundreds of technology, risk, audit and security leaders. Socializing these threats to audience members has specifically aided in risk reduction within their individual organizations.
– OSINT Working group – As co-founder of the open source insider threat working group Stewart has had a hand in being able to positively guide hundreds of organizations in positive steps to improving their insider threat understanding and programs.
Draper helps to lead the FS-ISAC working group of around 50 financial organizations that participate monthly in discussions around the topic of insider threat. Stewart has presented on a number of topics including process workflows, compliance and technology.
Stewart is a member of the INSA (intelligence national security alliance) insider threat task force team and INSA financial crimes task force team. INSA helps to bring together subject matter experts to produce publications that better the wider community both in the DoD space and in the public sector.
Profile: Stewart Draper has over 15 years of information security experience. His career has included lead and managing roles in several of the largest financial organizations in the world. Stewart Draper is an industry leader in the field of insider threat, in 2014 he co-founded an open source insider threat consortium that has since grown to be the largest free consortium group in the world at over 250+ active organization participants. During his 10 years in insider threat, Stewart has mentored close to 40 organizations with one on one support in how to successfully build an insider threat program, some of these organizations included some of the largest pharmaceutical, financial and telecommunications companies in the U.S.
What colleagues say:
“Stewart has been a leader in the insider threat space for over 10 years. His willingness to share, collaborate and even mentor those with new and developing programs is known by all those within the insider threat community. Anyone that knows him, knows of his passion and love for what he does and appreciates his contributions. I have known Stewart for many years and have worked with him on several insider threat programs and projects and his dedication to the Cyber Security Community is amazing! ” said Darren Gaeta.
“Stewart is a tremendous resource to the community. He publishes high quality and compelling content and is the first person I look to for the facts when understanding major data breaches. I retweet and share his content posted without hesitation,” Ian Paterson.
“Stewart has a rare ability to shift from executing visions down to solving complex technical issues. His prowess at both levels enables him to be one of the most effective evangelists of progressive insider threat programming across every industry,” said Marc Gruzenski.