"Everybody in the hiring pipeline should really be looking out for this. Every person that touches a candidate has a chance to pick this up before someone gets hired."

Key Moments

00:42 Insider Threats for Financial Gain

06:10 High-Profile Cybersecurity Incident Reporting

09:16 Healthcare Data Extortion Risks

10:40 Spotting Red Flags in Hiring

14:14 Security and HR Collaboration in Hiring

17:23 Identifying Security Red Flags

19:51 Verifying Candidate Authenticity Steps

23:34 On-Camera Hiring Best Practices

There is a new security concern that is catching many off guard: hiring malicious actors. Matt Mock, our CISO, shares that instances of fake candidates, particularly those backed by entities from countries like North Korea, are no longer a rarity.

These actors typically have financial motives as their primary aim and have a surprising sophistication. They employ stolen identities and may even be working with domestic associates to get their foot in the door. As Meghan McLeod points out, these aren't mere hypotheticals. Even companies like KnowBe4 have reported encounters, underscoring that no organization is too small to be targeted.

It is important to be vigilant in the hiring process. There are a number of red flags during remote interviews that are worth being aware of such as inconsistencies in a candidate's story, reluctance to appear on video, or unusual locations to send equipment. But it's not just about catching these actors during interviews.

Some of these actors may be hired before they start to show subtle but suspicious activities. Accessing systems from unexpected locations or changing device settings to a foreign language can reveal their true intentions.

Resources

www.redoxengine.com

Past Podcast Episodes

https://redoxengine.com/solutions/platform-security

Have feedback or a topic suggestion? Submit it using this linked form.

Matt Mock mmock@redoxengine.com