Episode 314: JSJ 310: Thwarting Insider Threats with Greg Kushto

Panel:

Charles Max Wood
Cory House
AJ O’Neal
Aimee Knight

Special Guests: Greg Kushto

In this episode, the JavaScript Jabber panelists discuss thwarting insider threats with Greg Kushto. Greg is the vice president of sales engineering for Force 3 and has been focused on computer security for the last 25 years. They discuss what insider threats are, what the term includes, and give examples of what insider threats look like. They also touch on some overarching principles that companies can use to help prevent insider threats from occurring.

In particular, we dive pretty deep on:

Greg intro
Insider threats are a passion of his
Most computer attacks come from the inside of the company
Insider threats have changed over time
What does the term “insider threats” include?
Using data in an irresponsible manner
Who’s fault is it?
Blame the company or blame the employee?
Need to understand that insider threats don’t always happen on purpose
How to prevent insider threats
Very broad term
Are there some general principles to implement?
Figure out what exactly you are doing and documenting it
Documentations doesn’t have to be a punishment
Know what data you have and what you need to do to protect it
How easy it is to get hacked
Practical things to keep people from clicking on curious links
The need to change the game
Fighting insider threats isn’t fun, but it is necessary
And much, much more!

Links:

Force 3
Greg’s LinkedIn
@Greg_Kushto
Greg’s BLog

Picks:

Charles

HaveIBeenPwned.com
Plural Sight
Elixir podcast coming soon
NG conf
MicroConf
RubyHack
Microsoft Build

Cory

Plop
VS code sync plugin

Aimee

Awesome Proposals GitHub

AJ O’Neal

Fluffy Pancakes
The Mind and the Brain by Jeffrey M. Schwartz

Greg

StormCast