Lindsey Porter is the program manager for Flashpoint Intelligence Academy (FIA) and Flashpoint Professional Services (FPS). Before joining Flashpoint, she spent 19 years working for American Express, where she built and managed incident response and insider threat programs for the company’s information security team, and held other positions in the company’s credit and fraud risk teams. She holds a Bachelor of Science in Business Administration from the University of Phoenix and is a Certified Information Security Manager.
Q: Why Flashpoint?
I wanted to join a company where my wealth of knowledge in insider threats and incident response—as well as my program-management experience—could help make a difference, and Flashpoint’s GSDR (“get stuff done right”) culture felt like a great fit. I truly enjoy and admire Flashpoint’s culture. Not only is it empowering, it motivates me to push barriers to deliver a strong end result. The talent within the organization is amazing, and playing a part in the company’s growth is inspiring. I continue to learn from my colleagues every day.
Q: Can tell us more about Flashpoint Intelligence Academy (FIA)?
With FIA, our goal is to work with our customers and ensure they are getting the most out of Flashpoint’s products and services. Business Risk Intelligence (BRI) is a valuable resource, but some customers need additional support in leveraging BRI to attain an optimal impact on the organization.
BRI provides customers with a wealth of information gleaned from a vast amount of sources, and goes far beyond standard indicators of compromise (IOCs), providing the contextual insight needed to combat fraud, insider threat, data loss, and other risks and challenges. With FIA, we’re working to help customers understand how to use BRI insights to determine the best course of action and broaden their application of intelligence beyond the scope of their security operations center (SOC) to mitigate risk throughout their organizations on a macro level.
Q: What about Flashpoint Professional Services (FPS)?
FPS helps organizations reduce the challenges of overwhelmed or under-resourced business risk functions and can accelerate growth in both capabilities and efficiency for new or expanding teams. FPS services further align Flashpoint as a “trusted partner” to our customers and help to mature or increase organization’s’ intelligence capabilities.
Q: What excites you the most about your role?
I love that my role gives me the opportunity to collaborate with such a highly skilled group of individuals. The caliber of talent on both the FIA and FPS team is truly incredible! It’s an honor to be able to work alongside top-tier experts in areas such as insider threats, physical security, and cybersecurity. Being able to draw upon the teams’ collective expertise to support our customers is extremely gratifying.
Speaking of our customers, I also enjoy getting to work with so many different types of companies to help them address a diverse such diverse challenges. It’s interesting to see how organizational constructs differ from company to company, and more specifically, how companies rely on these various constructs to, for example, find vulnerabilities or detect insider threats. Not all companies operate in the same way, even among those in the same industry facing similar challenges. This is why it’s crucial to have the support of a team with diverse backgrounds, perspectives, and expertise, much like we have here with FIA and FPS.
Ever since I joined Flashpoint last year, FIA and FPS has grown tremendously. As program manager, I’m especially excited about this growth! After all, with growth comes the need for implementing repeatable, scalable processes, which I love doing!
Q: What’s your day-to-day schedule like?
I currently wear two different hats. One part of my job is to oversee day-to-day operations, new opportunities, and the execution of deliverables. The other part of my job is more strategic, focused on building out repeatable processes to support FPS and FIA. I’m working on creating a structure for both services, setting up programs, and ensuring that our processes are successful and align with our customers’ needs.
Q: What led you to go into incident response and insider threat?
Back in 2007, I was looking for a new challenge to support my professional development. My previous employer, American Express, was in the process of creating a specialized enterprise incident response group designed to manage data breaches. Opportunities to build new programs are rare, so I jumped at it. My first foray into insider threat was brought about in a similar fashion. In 2014, American Express was in the process of establishing its insider threat function, and I was eager to help develop the program.
Q: How has your past experience prepared you for your current role?
Building out two global programs within cybersecurity at a large financial institution required me to interface with many different departments across the company, including finance, legal, privacy, compliance, information security, and global security. Each department had slightly different needs and interests, which were often challenging to address individually. After an internal audit, we discovered that the company needed to invest more time and money into incident response. I was part of laying the groundwork and creating scalable processes that helped the organization be compliant on a global level. Given the company’s global footprint, we had to account for the different compliance laws in all of the different countries in which we were operating. This was quite the challenge, but also the perfect opportunity for me to grow my management skills. In the end, I’m extremely proud to have implemented a global program that, to this day, continues to support the company.
With the incident response program, I was working to implement more scalable processes for an existing operation. In contrast, I was working to build an insider threat program from scratch. It began when I identified the trend within the industry that insider threat was a growing risk, recognizing that having a robust program to address it was becoming a necessity within the organization. By creating this program, different departments across the organization were able to communicate, enabling the company to connect the dots and see a holistic view of potential insider risk.
Q. What are your interests outside of work?
I’m very interested in personal development and learning how to see the world from different points of view. I love to travel and really enjoy seeking out new experiences and meeting new people. The way we respond to different situations uniquely reflects our upbringing, cultural background, and life experiences, all of which are fascinating to me.
Q. Speaking of life experiences, what’s one experience that’s had a major impact on your personal perspective?
For two years, I lived in Hove, East Sussex, a town on the English coast overlooking France. At the time, I was working in credit risk management for global corporate cards. The best part of of living abroad was the ability to travel and to apply my U.S. business-centric approach to the international business space. It was a challenge due to different laws and regulations, yet it made me appreciate even more the intricacies of the international space!