What it Takes to Detect Insider Threats from Ford Motor Company’s Senior Analyst

Leading an insider threat program at a Fortune 100 company takes a certain skill set that can’t be molded into a single program or training certification. It takes a combination of capabilities and motivations to detect risk in some of the most challenging, unassuming places.Dave Holder is a senior analyst with Ford Motor Company where he helps lead their insider risk program. He is a decorated former counterintelligence officer with expertise in national security investigations and operations, as well as corporate workforce investigations. His national-level awards include the National Counterintelligence Executive’s Investigative Team Award in 2014 and the Department of Defense Counterintelligence Team Award in 2009.Key topics of Holder’s discussion with host Fred Burton include:How his experience as a Security Officer in the National Security Investigations Program  of the US Army shaped him into the leader he is today. The most important skills needed to stand up an insider threat unit and the critical importance of understanding the importance of the human mind amid technological advancements (employees must feel empowered to report behaviors!)How technology has impacted the insider threat space and resources Holder recommends for those interested in exploring a career in this area. Here are the ones mentioned within the episode:Borderless Behavior Analytics - Second Edition: Who's Inside? What're They Doing?Inside Jobs: Why Insider Risk Is the Biggest Cyber Threat You Can't IgnoreOffice of the Director of National Intelligence’s National Insider Threat TaskforceKey takeaways:01:23: Dave Holder: There are a lot of things in the military that carry directly over. Most of us coming out of these types of environments struggle with that balance a little bit. And with leadership, generally speaking, I learned you can't leave from behind. You have to be good at what you do as a practitioner. Have to be good with your people you've got to empower everyone and let them lead and innovate.14:00: Dave Holder: When I think about the horizon I guess I could think about it in terms of where I think the enemy threat picture is going to use military terminology — defensively,  I have to react to what the adversary is doing, but offensively, can I create a framework that puts all of the odds in my favor. On the program-building side of things, I think we need to put more focus into that and hopefully, some of the work MITRE is doing to build out an insider threat framework similar to MITRE attack for cyber defense will produce some of the applied research findings that will help us to get ahead of the curve. In the meantime, we have to continue to professionalize this field that we're calling Insider threat or insider risk along the main core competencies. I think without those we're not fluent enough with compliance professionals, privacy professionals, offices of general counsel, etc. We have to be able to converse with them in terms they ah that they understand and that they care about.

Om Podcasten

Welcome to the Ontic Connected Intelligence Podcast, the show for corporate security professionals who are elevating the practice and perception of security. Whether you’re a seasoned professional or new to the field, our podcast offers valuable insights and practical advice to help you navigate the complexities of modern corporate security. Hosted by Fred Burton, Chuck Randolph, and Manish Mehta, our episodes are packed with real-world examples and forward-thinking solutions to help you secure your organization effectively. Whether you're looking to enhance your intelligence-gathering capabilities, build a robust security team, or stay updated on the latest industry trends, this podcast empowers you to make informed decisions and lead with confidence. Tune in and join us on our mission to keep people safe and make organizations stronger. Subscribe now and never miss an episode.