Member Masterclass
Level up your skills with sessions curated by our community.
Overview
Bringing together two critical dimensions of modern cybersecurity: the rising danger of insider threats and risk complacency.
From Insider Threats to Wilful Neglect : Understanding the Human Factors Behind Cyber Risk
By combining insider threats and organisational complacency into one session, participants gain a clearer understanding of how human behaviour, psychology, and decision-making expose organisations to significant cyber risk.
Insider threats whether malicious or accidental are among the fastest growing and most costly cybersecurity challenges because they originate from trusted individuals with legitimate access. At the same time, many organisations knowingly carry unresolved cyber risks, often underestimating the consequences of inaction. Together, these issues highlight a common theme: risk is not just technical it is deeply human.
Key features
In this workshop, we explore how personal stressors, workplace pressures, and organisational change can increase vulnerability to insider activity, while also examining how cognitive biases, emotional responses, and flawed thinking contribute to complacency in risk management.
Participants will uncover why early warning signs both behavioural and technical are frequently missed, and how risk registers can become repositories of ignored threats rather than tools for action.
Through practical frameworks and real world insights, this session equips attendees with strategies to:
· Identify and understand different types of insider threats
· Recognise behavioural, digital, and organisational warning indicators early
· Address the psychological and emotional drivers behind risky decisions and inaction
· Strengthen governance and accountability to avoid wilful neglect of cyber risks
· Foster a proactive, values-driven approach to cybersecurity across the organisation
Date
Thursday 15th May – 1:00pm – 2:30pm
Cost
Free
Meet the speaker
Andy Compton
Andy Compton is the CEO of Cortida Limited, a trusted cybersecurity consulting company serving private and public organisations across the UK, Channel Islands, Europe, and North America.
With extensive experience in shaping security strategies, Andy advises leadership teams and delivers risk assessments, security reviews, and incident response services for organisations across many sectors.
Professional Credentials:
• Certified Information Security Manager (CISM)
• Qualified Security Assessor (QSA)
• Lead Implementer & Internal Auditor of International Security Standards (ISO 27001 LI & IA)
• Cyber Incident Planning & Response (CIPR)
Beyond client engagements, Andy actively contributes to the cybersecurity community by:
• Speaking at local, national and international conferences
• Contributing to industry forums
• Mentoring future professionals
• Helping shape national security standards