CyberWire Daily - Pattie Dillon: Take the leap. [Anti-fraud] [Career Notes]

Starting point is 00:00:00 You're listening to the Cyber Wire Network, powered by N2K. and VPNs, yet breaches continue to rise by an 18% year-over-year increase in ransomware attacks and a $75 million record payout in 2024. These traditional security tools expand your attack surface with public-facing IPs that are exploited by bad actors more easily than ever with AI tools. It's time to rethink your security. Thank you. My name is Patty Dillon. I'm the product manager for anti-fraud solutions at SpyCloud. I guess really, like way back back because of my age, I'm not a spring chicken. It was just like being a wife and a mother. And so I honestly loved doing that too.

Starting point is 00:02:00 But as my kids were growing up, I felt like I was really missing something. And so I went out and found a number of different careers that I enjoyed, but the one that was most interesting to me and I had the most passion for was preventing fraud. for was preventing fraud. I've been doing this for, geez, close to 20 years in the anti-fraud space, cybersecurity space. I had a small company in upstate New York, and it served a number of small to medium-sized businesses, and one of those businesses was an online tobacco business. So there's many different types of tobacco being sold online now, but at the time it was very limited and the individual wanted to look for some sort of age verification solution. I got into the data world and honestly was flabbergasted by how much information was out there

Starting point is 00:03:14 and said, wow, if we're going to build this, I'd really like to make sure that it's more privacy oriented and people aren't required to put in the last four digits of their social or whatnot. Then, of course, now it's very standard not to have to use the last four digits of social for identity. Beyond that, we started working on identity verification, and one thing led to another, and everything sort of exploded in terms of, in my mind, from a fraud perspective, you know, how much we could help to prevent. sort of exploded in terms of, in my mind, from a fraud perspective, you know, how much we could help to prevent. I left that company and started working with gift cards and then was exposed to learning about money laundering.

Starting point is 00:04:18 That led me then to underground data, understanding that, and then starting to work with SpyCloud on product development around that. And the product development started in the age verification piece of it. It was in good stand all the way through my career. At SpyCloud, we're building products that are leveraging, in my opinion, one of the most robust and complete underground databases in the world. underground databases in the world. We're looking at different ways to use that data to try and help prevent fraud. You know, understanding that breaches and leaks are really at the core of this online fraud.

Starting point is 00:04:57 It's really more about identifying the risk of that identity versus just looking at devices to try and solve for fraud. It's been my experience that it's sort of a misunderstood type of data. There's really two core assumptions hindering the use of underground data to fight online fraud. And first is that every user is equally exposed, which is not true. And second, that breach data is only valuable to criminals. Again, not true. So the truth that I'd like to sort of impart to the audience is that fraud prevention can benefit from that breached, exposed, underground data. It really does provide signals of the user's risk, can help not only identify high risk, but it can also identify low risk. There weren't a lot of opportunities for me as a woman to take advantage of early on,

Starting point is 00:06:20 so I sort of made my own. I guess the other pieces that I would like to change, if at all possible, would be that as an anti-fraud professional, a lot of times in businesses, the fraud division is a lot smaller than sort of like the business growth division. And that disparity can really overtax the people in that fraud division who are trying their hardest to make things right on one side. I believe that being able to share the stories and being able to share the things that have been successful in preventing and what the types of attacks were that are happening are so important. Everybody has this weakness. And the more that we can share with others of how we've remediated those weaknesses, the stronger that we're going to be in the fight against, you know, the cyber crimes and the fraud. Anybody that's looking to get into this type of industry or career,

Starting point is 00:07:51 you know, you need to align with the mission. Also having a desire and a passion to prevent the fraudulent cyber attack kind of events. And if you have that and read insatiably and network with people, there's definitely an opportunity. I have always been a person who said, if you don't try, you'll never know. I did have a very good support system, and it made it much easier, certainly,

Starting point is 00:08:24 than maybe somebody that wouldn't have had that support system. And it made it much easier, certainly, than maybe somebody that wouldn't have had that support system. But I don't feel that I would have been as fulfilled had I not taken that leap. Thank you. We're thrilled to partner with ThreatLocker, a cybersecurity solution trusted by businesses worldwide. ThreatLocker is a full suite of solutions designed to give you total control, stopping unauthorized applications, securing sensitive data, and ensuring your organization runs smoothly and securely. Visit ThreatLocker.com today to see how a default-deny approach can keep your company safe and compliant.

CyberWire Daily - Pattie Dillon: Take the leap. [Anti-fraud] [Career Notes]

There aren't comments yet for this episode. Click on any sentence in the transcript to leave a comment.