Understanding How Threats Enter Through People
Technology secures systems. It does not secure conversations.
Teams and individuals who handle sensitive information, manage external relationships, represent the organization at industry events, or operate in environments where the people they interact with may not always be who they appear to be. This includes senior managers, business development and sales teams, procurement, legal, and anyone whose conversations regularly involve information that has competitive or operational value. SENTINEL is also relevant for organizations that have experienced — or suspect they have experienced — a situation where information left the organization through human interaction rather than through a technical breach.
The program opens with a clear-eyed look at how targeted approaches work in professional environments. Participants learn how business espionage differs from targeted manipulation, how attackers research, select, and approach individuals within organizations, and what the typical progression of a targeted relationship looks like from initial contact to information extraction.
Participants develop the ability to identify behavioral signals that indicate a conversation or relationship may be operating with a hidden agenda. This includes verbal and non-verbal indicators, patterns in questioning, anomalies in the way someone manages a relationship, and the specific triggers that experienced operators use to encourage disclosure.
A substantial portion of SENTINEL addresses the insider dimension — not as a source of organizational paranoia, but as a real and frequently underestimated risk. The program distinguishes between intentional and unintentional insider risk, examines the conditions that make both more likely, and gives participants practical frameworks for identifying early warning signs without creating a culture of suspicion.
The program includes a component on cybersecurity awareness specific to human vulnerability — how people are approached through digital channels, how social engineering works in practice, and what the intersection between human and digital vulnerability looks like in a corporate environment. The final section is practical, with participants working through realistic scenarios drawn from professional environments similar to their own.
The most effective way to extract information from an organization has always been through its people.
The in-person format allows for immersive scenario work and group exercises. The online format distributes the content across several weeks, which some organizations find more practical for scheduling senior teams. Both formats cover identical content and produce identical outcomes.