Latest News: Forrester Recognizes Binary Defense as Notable MDR Provider

Download Report

Search

ThreatTalk: The IT Worker, Threat from Within and The Hermit Kingdom

The insider threat is a multifaceted challenge that represents a significant cybersecurity risk to organizations today. Some insiders act with malicious intent, such as employees aiming to steal data or harm the organization. Others are unintentional, making careless errors or falling prey to phishing schemes. Recently, nation-states such as the Democratic People’s Republic of North Korea (DPRK) have employed insider threat activity using remote work employees impersonated IT workers to steal company propriety data along with sending funds to support the Kim Jong Un regime.  

During this ThreatTalk we’ll uncover DPRK methods of gaining access, the risks posed by insider threats, and their impacts on the organizations they have infiltrated. From DPRK schemes profiting millions for weapon programs and financial gains to stories of high-profile data breaches like Tesla and Verizon, this session will provide expert insights on what happened and how we can combat these sophisticated threats. 

Our Threat Intelligence and Research team will be covering: 

  • Understanding the Basics of Insider Threats 
  • The Importance of Understanding Insider Threats and Their Motivations 
  • Insider Blind Spots 
  • Breaking Down DPRK Insider Threat Schemes 
  • Highlighting Key Cyberattacks Carried Out by DPRK Contracted IT Professionals 
  • Assessing the Risks Linked to Insider Threats 
  • Open Q/A on Insider Threats and the Role of Foreign Nationals in Corporate Espionage 

About The Speakers

JP Castellanos

JP Castellanos, the Director of Threat Intelligence at Binary Defense, brings over 15 years of extensive experience in the cybersecurity domain. Beginning his career as a help desk analyst in the Department of Defense (DoD), JP has skillfully climbed the ranks through roles in Incident Response (IR), Security Operations Center (SOC) management, Threat Hunting, and Cyber Threat Intelligence. His tenure with the DoD lasted till 2018, after which he served as a Senior Threat Intelligence Analyst supporting a major oil and gas organization until 2023.

An expert in advanced threat detection and response, JP holds several prestigious certifications from SANS, including FOR578 Cyber Threat Intelligence Analyst, FOR572 Network Forensic Analyst, and SEC599 Defending Advanced Threats. These credentials underscore his expertise in anticipating, mitigating, and defending against advanced cyber threats.

Known for his ability to translate complex threat landscapes into actionable intelligence, JP is committed to fortifying organizations against the evolving challenges of cybersecurity. His unique blend of technical expertise and strategic foresight ensures attendees gain valuable insights into the detection and prevention of sophisticated cyber threats.

Eric Gonzalez

Eric Gonzalez is the Senior Incident Response Analyst at Binary Defense, bringing over 14 years of experience in Security Operations and Incident Response. Known for his expertise and dedication, Eric has worked in diverse industries, including professional services, healthcare, insurance, and higher education.

Before joining Binary Defense, Eric honed his craft in the healthcare industry as a Cybersecurity Incident Response Analyst, where he responded to a wide range of threats, establishing a threat hunting programs, helping with automation and content engineering, deploying and maintaining honeypots/honeytokens, and writing and reviewing numerous playbooks. His experience includes handling critical incidents such as ransomware attacks, credential stuffing, insider threats, and zero-day vulnerability exploits like Log4Shell and MOVEit.

Eric holds a BS in Cybersecurity and Information Assurance, an MS specializing in Computer Forensics and Cyber Operations, and multiple certifications, including GIAC Reverse Engineering Malware (GREM) and GIAC Certified Forensic Analyst (GCFA). With his deep technical expertise and passion for empowering organizations, Eric is dedicated to defending against evolving insider threats