An Insider Risk Case Study

A real-life look at data loss and how to prevent it 


John Boles

Principal | PwC

John is a Principal in PriceWaterhouseCoopers’ Incident and Threat Management practice.  His experience from over 27 years in federal law enforcement, national security, and cyber operations has given him a unique perspective on cyber security and risk.  

John served in the FBI for over 20 years, conducting and leading investigations around the world, including cyber, fraud, terrorism, and violent crimes.  As Deputy Assistant Director, in charge of FBI Cyber Operations, he oversaw the federal response to many of the more notorious cyber attacks.  He advised the White House and National Security Council on cyber-related issues and policies and has testified before Congress on cyber-crime issues. John also led the National Cyber Investigative Joint Task Force, a 19-agency team of US and allied intelligence agencies dedicated to national security investigations and response. He retired as Assistant Director, responsible for the FBI’s international operations, including offices in 82 embassies covering 120 countries.

Mark C. Ray

Partner - Cybersecurity & Privacy | PwC

Mark Ray is a a Principal in PwC’ Cyber, Risk, and Regulatory practice, where he helps clients prepare for, investigate, and recover from major cyber incidents and fraud events. Prior to joining PwC, Mark was a Special Agent with the FBI’s Cyber Division, where he led some of the FBI’s most preeminent criminal and national security cyber investigations.  

Matt Jackson

Director, Security Operations, Code42

Matt is the Senior Director of Security Operations at Code42, a leader in Insider Risk Management. He leads the Detection and Response (“blue”) and Penetration Test (“red”) teams. Prior to joining Code42 in April 2022, Matt led the Cyber Incident Response Team at Splunk, and built the Security Operations team at Amazon Web Services. Matt is a graduate of the Master of Science in Managing Information Technology (MSMIT) program at the University of Virginia.


2:00 PM

Welcome & Arrivals

2:15 PM

PWC | Case Study: Insider Stories from the Field

John Boles and Mark Ray from PwC will take us through some real-life case studies of actual insider incidents they have conducted during the course of their investigative careers. John & Mark will walk us through these incidents discussing the root cause, how the companies responded, lessons learned, and where tools and technology aided the investigations.

3:05 PM


3:15 PM

Code42 | Reimagine Data Protection - Why IRM Offers More Resilience in a Cloud-Dependent World  

Data loss, leak and theft are not new problems, and a number of technologies that have attempted to mitigate insider risk have existed for some time. What has changed, especially in the past few years, is the landscape of insider risk: employees are more distributed, data has moved to the cloud, and old-fashioned security tools are no longer adequate. Our approach to Insider Risk Management takes the best parts of DLP, CASB, UEBA and SEA, and reimagines them in a way that makes them much more effective in today’s world. With this approach, security teams can have a more effective and resilient approach to insider risk, one that scales to protect their data beyond today.

3:40 PM

Speaker Q&A + Group Discussion

4:30 PM

Networking Happy Hour

5:30 PM

Event Close

Who Should Attend?


Security Practitioners

Industry Experts

More than just one moment in time – the Insider Risk Summit is a community of organizations and security professionals that understand collaboration, productivity and enablement of users while meeting data security challenges. 

Slack Community 

Join the Insider Risk Knowledge Share slack community!