Shawnee Delaney

Beyond Firewalls: Understanding Human Risk in Cybersecurity

This presentation will provide an overview on what the term “insider threat” actually encompasses, from unintentional acts to malicious acts, and everything in between. It will provide details and case studies on malicious insider acts, psychological motivations of a malicious actor, and the Critical Pathway. The Critical Pathway, as identified by Shaw and Sellers, explains how personal predispositions, stressors, and concerning behaviors can lead up to Insider Threat-like behaviors and/or malicious acts. In addition, this presentation will discuss:

• How the human factor impacts organizations.
• How your company’s culture can affect insider threat.
• How both spies and social engineers work similarly to target you and your employees to gain access to your organization’s most sensitive data.
• How one’s personal motivations and vulnerabilities can leave their organization vulnerable.
• How organizations can establish an employment lifecycle program in order to understand important interdependencies. touchpoints, interactions, and gaps in insider protection strategies.

The Art of Espionage: Understanding the Fundamentals of Spycraft

Espionage is real and is all around us. Think you would never be recruited as a spy? Think again. In this presentation you will learn from a former Case Officer – a Spy – how she used to target and recruit people just like you. From elicitation at airport gates to surveillance of unwitting people, hear the tricks and techniques she leveraged against various targets of all walks of life and how you can prepare if you suspect you are ever approached.

This talk covers both human and cyber security tactics used and addresses how today’s malicious actors including hackers, nation states, and organized criminal groups, use the same techniques as spies.

Stealing Innovation: Understanding the Threat of Corporate Espionage & Intellectual Property Theft

Given by a former spy, this talk provides details on the different types of espionage and how they can affect your organization. It will cover industrial espionage, corporate espionage, and foreign espionage in detail, offering examples of motivations to conduct espionage, costs, how spies are recruited, and case studies on various threat actors.

The Hidden Enemy: Detecting and Preventing Insider Threats to Intellectual Property

There are a variety of motivations for conducting theft of intellectual property and/or trade secrets. This talk will cover the various types of Intellectual property theft, differences between intellectual property, trade secrets, and protected information. It will include suggestions for how to better protect this information and what threats are targeting it, including hackers, nation states, insider threats, and technical threats.

From Onboarding to Offboarding: Mastering the Art of Employment Lifecycle Management

An employee’s lifecycle encompasses several stages throughout their career.  This begins with recruitment and concludes with resignation, retirement, or termination.  This talk addresses how organizations can establish an employment lifecycle program in order to give employees consistency throughout their careers and teaches you how to prevent insider threats as a result.  It also provides a framework to understand important interdependencies, touchpoints, interactions, and gaps in insider protection strategies.

It will cover:

• What is an insider threat?
• What is employment lifecycle management?
• How the human factor impacts organizations
• Best practices for mitigating insider threat by managing the employment lifecycle

The Invisible Threat: Safeguarding Intellectual Property and Trade Secrets against Malicious Actors

There are a variety of motivations for conducting theft of intellectual property and/or trade secrets. This talk will cover the various types of Intellectual property theft, differences between intellectual property, trade secrets, and protected information. It will include suggestions for how to better protect this information and what threats are targeting it, including hackers, nation states, insider threats, and technical threats.

In addition, this presentation will discuss:

• How the human factor impacts organizations.
• Psychological aspects of a malicious actor.
• How both spies and social engineers work similarly to target you and your employees to gain access to your organization’s most sensitive data.
• How one’s personal motivations and vulnerabilities can leave their organization vulnerable.
• How organizations can establish an employment lifecycle program in order to understand important interdependencies, touchpoints, interactions, and gaps in insider protection strategies.

From Espionage to Entrepreneurship: Lessons Learned as a Spy Turned Business Owner

In this talk Shawnee will cover the challenges of being an entrepreneur and how she overcame them while starting two new businesses. Drawing from her expertise in the cybersecurity and human intelligence worlds Shawnee will share techniques she uses daily in her business to mitigate risks, manage the employment lifecycle, conduct research, build networks and gain other business-related skills – all tools she learned and honed while conducting espionage around the world.

Finally, Shawnee will review some common threats that entrepreneurs shouldn’t overlook and share personal stories of her background and new challenges in starting a second new company that aims to be a disruptor in an industry that has never been addressed before!

Dark Corners: Exploring the Hidden Dangers of Insider Threat and Extremism

This talk provides an in-depth analysis of extremism and insider threat, exploring the causes, characteristics, and consequences of these phenomena. The course will cover different types of extremism, such as religious, political, and ideological extremism, and examine their commonalities and differences. Shawnee will share case studies of extremist groups and malicious insiders, including their motivations, tactics, and ideologies. Topics covered in the talk include:

• Theoretical perspectives on extremism and insider threat
• Historical and contemporary examples of extremism and insider threat
• Causes and consequences of extremism and insider threat
• Identification and mitigation of extremist and insider threats

By the end of this talk, audiences will have gained an understanding of the nature of extremism and insider threat, and be equipped with practical strategies for identifying and mitigating these risks.

Locked Out: Navigating the Growing Threat of Ransomware Attacks

This course is designed to provide a comprehensive understanding of ransomware, a type of malware that encrypts victim’s files and demands a ransom payment in exchange for the decryption key. Ransomware has become one of the most pervasive and damaging forms of cybercrime, with attacks on individuals, businesses, and governments on the rise.

Audiences will learn about the various types of ransomware, how they work, and the methods used by attackers to deliver and spread ransomware. The talk will also cover prevention strategies and best practices for identifying and mitigating insider threats, detecting and preventing ransomware infections, and responding to ransomware attacks.

The Stress Connection: How Stress Can Create Insider Threats

Stress is a common factor in our daily lives, and it can have significant impacts on our emotional, mental, and physical well-being. However, stress can also have unintended consequences in the workplace, including creating an environment that fosters insider threats. This talk will explore the relationship between stress and insider threats, and strategies for mitigating this often-overlooked risk.

Through a combination of real-world examples, research studies, and case studies, attendees will gain a deeper understanding of how stress can lead to insider threats, including unintentional and malicious insider behavior. The talk will examine the factors that contribute to stress in the workplace, including job dissatisfaction, work overload, and lack of support. Attendees will also learn about the different types of insider threats, the warning signs of insider threats, and the damage they can cause to organizations.

The talk will conclude with practical strategies for mitigating insider threats caused by stress. Attendees will learn about best practices for identifying and addressing workplace stress, promoting employee well-being, and creating a positive work environment that reduces the risk of insider threats. The talk will also cover the importance of creating a culture of awareness and vigilance to help prevent and detect insider threats before they cause harm.

Overall, this talk will provide attendees with valuable insights into the often-overlooked relationship between stress and insider threats. Attendees will gain practical strategies for mitigating this risk, helping them to create a more secure and productive workplace for their organizations.