Inquisitive IT

Leasttrust

Speaker Profile

Speaker catagories include:

Cybersecurity

Intellectual Property (IP)

Corporate Innovation Programs

Technology Transfer

Tim Schnurr is a cybersecurity professional that often speaks on emerging strategies for intellectual property (IP) strategy, cybersecurity, and corporate innovation programs 

Tim's hosts a weekly podcast on the cyber hygiene, compliance, and emerging risk strategies. Fridays at 2PMEST - TEAMTIM with co-hosts Tim Golden and Jesse Miller

Podcast  TEAMTIMLIVE

Recent Speaking Tracks:

Cyber Hygiene & Hardening: 5 new effective & low cost technologies -  This cyber hygiene track discusses five emerging technologies that are easy to implement and will drive employees to embrace them both inside and outside of work. The five technologies include: password managers, phishing resistant multi-factor authentication, browser security, more secure communications including Teams, and Iphone advantages. The discussion dives into what each one entails, why they are so effective, and by understanding the “Why” we can all get onboard with these emerging technologies. 


Navigating the Noise of Cybersecurity. The “Why now?”, “How much is enough?”, “Is security a cost?” and “Why this stack?” This cybersecurity culture track focuses on cutting through the noise of cybersecurity in a world filled with headline news and vendor marketing.  Corporate leadership and employees want to understand the data on cybersecurity losses and what trends are driving strategy shifts in cybersecurity, and why evidencing cybersecurity maturity is a growing business requirement. What role do frameworks provide? How are attacks shifting? How much is enough? Is security a cost or investment? Is there a method to the madness or do we just buy products that cybersecurity vendors sell us? 


Corporate Innovation Programs Lift Cybersecurity. How innovation programs can provide a foundation and culture to protect data - This cybersecurity culture track focuses on how companies can flip the script on cybersecurity uptake. The employee knows how to best get the job done, but technology is usually dictated from IT. How can companies experiment and bring cross collaboration between tech providers and users. By rewarding employees to seek efficiencies, productivity, and effectiveness, employees can become a security enabler vs security risk. We explore the concept of “shadow IT” and how “un-authorized” IT can actually be a positive force when managed with safeguards. We discuss how some firms have struck a balance in security and innovation while also maintaining a productive dialogue across all participants.


What can we learn from Mature Cyber Programs. This cybersecurity strategy track looks at the differences in cybersecurity investment amounts and allocations of mature vs small businesses. The 5 largest banks spend 10x per employee per month and allocate spending largely on the proactive vs reactive controls. Governance is largely absent from small business cyber efforts. Governance includes delegation, accountability, risk identification, policy building, and tracking. Mature programs also focus on making themselves small in terms of attack surface area. Least Trust and Lean Function are the two core tenants of hardening the access and storage of data. Least trust (also known as Zero Trust) is providing data access only a need to know basis. This creates resilience as data access is segmented across the firm and no one breach will result in a horizontal contagion. Lean Function involves limiting the applications or software each employee can use. This limits the amount of code, vulnerabilities, and opportunities that external attackers can enter the organization and also the ways insiders can leak data.