Welcome to the Spotlight Series with cybersecurity experts and Insider Risk Management leaders that are presenting at the upcoming 2022 Insider Risk Summit this September.

We sat down with speaker Janel Schalk, Practice Director, Security Enablement and Sales, at Trace3.

What are the biggest takeaways you hope attendees walk away following your session?

Janel: Understanding how laying defense in-depth will help identify, detect, protect and respond to insider incidents, and how contextualizing organizational and security data is key to cutting out the noise and seeing the data that is truly relevant to Insider Risks.

What do you think is the biggest misconception about Insider Risk?

Janel: That a single product can magically do everything that is needed to protect organizations. It takes multiple tools - many of which most organizations already have - to share and exchange data to effectively contextualize that data and make it make sense. Culture and processes are equally important.

What do you think is most exciting about the security industry today?

Janel: The security industry is constantly evolving to meet more advanced tactics and techniques, and what I love about technology vendors today is that they are actively focusing on integrating their products with other security products, sometimes competitors, and sometimes complimentary solutions, so that we no longer work in complete silos of information.

What area in security or business gets a lot of attention but doesn't really have as much meaningful impact on security posture or business outcomes?

Janel: I think this is very specific to individual organizations. I’ve seen personal relationships drive investments in technologies that are either never deployed, are not meeting the need, or have no staffing to operationalize it.

In other organizations, I’ve seen that the board is very focused on specific timelines that may be arbitrary or may be driven by an audit, but do not take into account the complexity of choosing the right solution, building the right processes around it, and doing the discovery necessary to make sure the requirements and use cases are fully understood and tested prior to solution implementation. Being informed by the true needs of the organization and less by buzz words can be challenging, but is worth the time.

What was your proudest moment as a security professional? Or, what was your most challenging moment?

Janel: I’m not sure I have one specific proudest moment, but I am happiest when I’ve worked hard and teamed up with others to build a program that meets a number of complex requirements, articulates the value of the program, and ultimately meets the objectives set out in the beginning.

If you could learn any new skill instantly, what would it be?

Janel: If we’re talking about magically gaining an ability, I would like to be able to speak every language, or at least several of them, so I could communicate with all the peoples of the world, and really immerse myself in all of the amazing cultures and societies across the globe.

Join us at the Insider Risk Summit

To see Janel’s session and earn CPEs; register now for free to join us and the rest of the Insider Risk Summit™ team at Insider Risk Summit 2022.

The Insider Risk Summit, the industry’s leading conference on Insider Risk Management (IRM), brings together security leaders and practitioners and industry experts to learn, interact and share best practices in the IRM space. More than just one moment in time–the Insider Risk Summit is a community of organizations and security professionals that understand collaboration, productivity and enablement of users while meeting data security challenges. In its inaugural year in 2020, more than 2,000 security professionals registered for the event, which is held annually in September during Insider Threat Awareness month. For the most up-to-date news about the Insider Risk Summit and the IRM community, go to insiderrisksummit2022.com or follow along on LinkedIn and Twitter.