The New CISO Foundations: Building an Insider Threat Program from Scratch

The New CISO Foundations: Building an Insider Threat Program from Scratch


Why Foundations?

Over the last three years we’ve seen the New CISO Podcast community thrive, and we wanted to create another space where those who support the CISO – the people who build and run the different aspects of a security program – can share their own insights and leadership advice in a no-nonsense forum.

Building an Insider Threat Program from Scratch

On our first episode of The New CISO: Foundations, Steve Moore speaks with KT Boyle, Sr. Cybersecurity manager at Rakuten, about how he translated his military experience to the private sector, building an insider threat program with just himself at first;and how he hires to make sure the team succeeds.

Building your first insider threat and vulnerability program from the ground up can be daunting, but there are core tenets that help set you up for success. The needs of the business, tools and processes, and hiring all contribute to the success of the program.

Listen in as KT and Steve also tackle topics like:

  • Establishing a steering committee with other business partners like legal and HR
  • What IT coordination and critical controls you should have in place
  • The benefits of dividing your SOC functions into two buckets: infrastructure/monitoring and risk/individuals
  • Where to spend most of your time for the most value
  • Why security should only act as a sensor, objectively collecting data and presenting facts without bias
  • Hiring for success: Taking a page from how the military recruits

Check out the full episode here, and if you like the show, remember to review, rate us, and subscribe to get new episodes when they go live.

More about KT Boyle

KT Boyle is the Senior Manager of Cybersecurity for Rakuten. He’s the Program Lead in developing both Rakuten’s UEBA solution and Insider Threat/DLP program. He spent 16 years in the US Army, seven years as a Cyber Operations Officer at US Cyber Command (USCYBERCOM) and with Joint Special Operations Command (JSOC), working on both offensive and defensive cyberspace operations.

Listen and Subscribe on Your Favorite Podcast App


Get in Touch!

Have a topic or guest you'd like to see featured on The New CISO?
Email us at thenewciso@exabeam.com