Governance & Risk Management , Insider Threat , Video

Code42's Joe Payne on Why Source Code Theft Is So Prevalent

CEO Shares Strategies to Overcome Technical, Cultural Challenges of This Top Threat
Joe Payne, president and CEO, Code42

Too often when software developers change jobs, they take source code they've written with them, feeling the code belongs to them even if it belongs to an employer.

See Also: Cyber Insurance Assessment Readiness Checklist

Code42 President and CEO Joe Payne says source code theft can be very challenging to detect since the code resides in text files that are often stored in personal GitHub accounts. In addition, software engineers often don't see source code theft as harmful to the company they're departing since the engineers are only taking a copy of the code to their new workplace, leaving the original code intact, he says (see: The Biggest Security Threat to Company Data: Your Employees).

"It is a big problem. It's probably a number one threat to our data today," Payne says. "It is technically challenging, for sure, and it is culturally challenging. But it's OK. There are new solutions, there are new attack patterns, and there are new ways for us to deal with this. You just have to educate yourself on them."

In this video interview with Information Security Media Group, Payne also discusses:

  • How to stop laid-off employees from stealing data;
  • Why personal email and Dropbox shouldn't be used for work;
  • Emerging threats on the agenda at the Insider Risk Summit.

Payne has more than 20 years of leadership experience in high-growth security and technology companies. With a passion for identifying and solving emerging market needs, he engages personally in product strategy and direction while growing and providing vision and guidance to teams of security executives. Previously, Payne served as CEO of eSecurity, the first SIEM software company. He also served as president of iDefense prior to its acquisition by VeriSign. At iDefense, Payne led white hat security researchers and worked with U.S. financial institutions and government agencies to improve their risk profiles.

About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.