Sophos CISO Hosts AMA on Detecting Fraudulent Remote IT Hires and Building Effective Controls

Ross McKerchar, CISO at Sophos, is hosting an AMA (Ask Me Anything) session on Reddit regarding the issue of North Korean (DPRK) actors infiltrating Western companies as remote IT workers. He offers to discuss cross-functional detection playbooks, identity verification processes for remote hiring, managing red flags, and collaboration between Security, HR, IT and Legal teams. McKerchar is making available a free playbook developed by his team and proposes to answer questions about building effective controls, technical indicators observed, and aligning security with real business risks.