Former CSO at the World’s Largest Aerospace Company Talks How to Tackle Insider Risk

“The whole reason behind having an insider threat program was to change the culture … and at least once a quarter, we would always inject one of our insider threat stories.”

The interview with Dave Komendat, former CSO at Boeing, discusses the importance of insider threat programs in changing company culture and ensuring security. He emphasizes regular communication about insider threat instances, both positive and negative, as a key strategy to keep employees informed and vigilant. By sharing stories of insider threats at least quarterly, the program aims to educate and remind employees about the importance of security and ethical behavior. This proactive approach helps in fostering a security-conscious culture within the organization.

Dave Komendat, former CSO for Boeing

In the realm of security within large corporations, particularly in sensitive industries like aerospace, the challenge of managing insider threats is paramount. Dave Komendat, the former Chief Security Officer (CSO) at Boeing, sheds light on innovative approaches to this challenge in a revealing interview. His insights are particularly crucial for organizations looking to bolster their security protocols.

Komendat emphasizes the strategic importance of cultivating a security-conscious culture within companies. He points out that the essence of having an insider threat program is not merely to monitor or control but to effect a cultural transformation. This program, which was a cornerstone of his tenure at Boeing, focused on regular communication about insider threats. Komendat underlines the practice of sharing stories related to insider threats quarterly, which served dual purposes: education and reminder. These narratives, whether they ended positively or highlighted lapses, were integral in maintaining a vigilant environment.

This proactive approach goes beyond routine security measures. It involves engaging with employees on a continuous basis, thereby making security a common responsibility rather than a distant concept managed solely by a security department. Komendat’s method suggests that when employees at all levels are regularly informed about the realities and potential consequences of insider threats, they become more likely to act in ways that safeguard the company’s assets and reputation.

Moreover, the former CSO points out the benefits of such an approach in preempting potential security breaches. By integrating these stories into the regular workflow, employees are not only kept in the loop but are also provided with real-life scenarios that demonstrate the importance of their role in the company’s security apparatus.

For any organization looking to enhance its security measures against insider threats, Komendat’s insights offer a valuable blueprint. It’s clear from his interview that the key to a robust insider threat program lies in its ability to weave security into the fabric of the company’s culture, making it as integral as any other aspect of corporate life.

For a deeper dive into Dave Komendat’s strategies and experiences at Boeing with managing insider risks, consider reading the full interview here.

 

Conclusion.

Are you a Defence Industry Security Program and you need your Insider Threat Management Program to be more robust?

Our Insider Threat Management Centre and our quarterly communique “Vantage Point” is second to none in Australia.

 

Show me Evidence of your Insider Threat Program (ITP).