Truth in IT
    • Sign In
    • Register
        • Videos
        • Channels
        • Pages
        • Galleries
        • News
        • Events
        • All
Truth in IT Truth in IT
  • Data Management ▼
    • Converged Infrastructure
    • DevOps
    • Networking
    • Storage
    • Virtualization
  • Cybersecurity ▼
    • Application Security
    • Backup & Recovery
    • Data Security
    • Identity & Access Management (IAM)
    • Zero Trust
    • Compliance & GRC
    • Endpoint Security
  • Cloud ▼
    • Hybrid Cloud
    • Private Cloud
    • Public Cloud
  • Webinar Library
  • TiPs
  • DRAW

Fortra: When a Notebook Defeats Your Entire Security Stack

Fortra
07/05/2026
0 (0%)
Share
  • Comments
  • Download
  • Transcript
Report Like Favorite
  • Share/Embed
  • Email
Link
Embed

Transcript


and this would be close to the example that you gave about yourself, Tyler, a woman manages to infiltrate a company that sort of does lending to people. Now, it's not one of the major banks. It's one that sort of does, you know, subprime kind of, you know, not payday loan, but just barely above that, giving people mortgages and loans and stuff. So they were getting all kinds of applications in with all the sensitive data that you have to put into those things. And they had great physical security. They couldn't plug a USB in, they had firewalls, they had everything else. This woman was coming in and you know how she was getting the information and using it to apply for credit cards? Notebook and pen. Nobody thought about a notebook and pen. She was sitting in front of her computer at lunch and writing down the information. And the only reason that she got caught was her boyfriend was also putting in fraudulent credit card applications. The cops busted into their apartment, found her notebook. So you see what I'm talking about here. I mean, that's not something a technical control is gonna fix, but it's something process will fix, right? You're sort of, first of all, better vetting of who applies for a job there. And also you can notice if somebody's sitting there taking a notebook, right? Taking, you know, writing stuff down in a notebook. So these are the things we worry about and you know, physical security is a part of this too.

TL;DR

  • A lending company with strong technical controls — firewalls, USB restrictions, physical security — was breached by an insider who simply wrote down customer data with a notebook and pen.
  • The attacker was only caught because her boyfriend's separate fraud triggered a police investigation, not because any security control detected her activity.
  • Technical controls alone cannot stop analog data exfiltration; process improvements like behavioral monitoring and rigorous employee vetting are essential complements to any security stack.

Summary

In this short clip from The Art of Security podcast, Brent Arnold of INQ Law recounts a real-world insider threat case that exposes a fundamental gap in technology-centric security strategies. A woman working at a subprime lending company — an organization that processed sensitive financial applications and had robust technical controls including firewalls, USB port restrictions, and physical access security — bypassed every single safeguard using nothing more than a notebook and a pen. During lunch breaks, she would manually copy applicant data from her screen and later use it to apply for fraudulent credit cards. She was only caught because her boyfriend was independently submitting fraudulent applications, leading police to their apartment and the incriminating notebook. Arnold's takeaway is direct: no technical control can prevent someone from writing things down. The fix lies in process and people — better pre-employment vetting, behavioral observation on the floor, and recognizing that physical security must account for analog threats, not just digital ones. For organizations that believe a strong security stack equals a secure environment, this case is a pointed reminder that human behavior remains the most exploitable attack surface of all.

Chapters

0:00 - The Breach Setup
0:25 - Strong Tech, Zero Protection
0:38 - Notebook and Pen
0:54 - Process Over Technology

Key Quotes

0:38 "Notebook and pen. Nobody thought about a notebook and pen."
0:56 "That's not something a technical control is gonna fix, but it's something process will fix, right? ..."
1:01 "Better vetting of who applies for a job there. And also you can notice if somebody's sitting there taking a notebook, right? ..."

FAQ

How was the insider threat in this story eventually discovered?

The attacker was not caught by any security system. Police investigating her boyfriend's separate fraudulent credit card applications raided their apartment and found her notebook containing the stolen customer data.

What controls could have prevented this type of analog data theft?

According to Brent Arnold, process-level controls are the answer — specifically better pre-employment background vetting and behavioral observation on the floor to notice employees manually copying information from their screens.


Categories:
  • » Data Protection » Backup & Recovery
  • » Data Protection
Channels:
News:
Events:
Tags:
  • Security Operations
  • Data Protection
  • Best Practices
  • Short Form
  • Insider Threat
  • Physical Security
  • Human Behavior Risk
  • Data Exfiltration
  • Security Controls Limitations
  • Employee Vetting
  • Analog Attack Vectors
Show more Show less

Browse videos

  • Related
  • Featured
  • By date
  • Most viewed
  • Top rated
  •  

              Video's comments: Fortra: When a Notebook Defeats Your Entire Security Stack

              Upcoming Webinar Calendar

              • 07/09/2026
                01:00 PM
                07/09/2026
                The HUMAN Experience: Empowering Agentic Trust in Practice
                https://www.truthinit.com/index.php/channel/2026/the-human-experience-empowering-agentic-trust-in-practice/
              • 07/14/2026
                01:00 PM
                07/14/2026
                Crafting a Championship-Level Security Team for Unmatched Defense Success
                https://www.truthinit.com/index.php/channel/2025/crafting-a-championship-level-security-team-for-unmatched-defense-success/
              • 07/14/2026
                02:00 PM
                07/14/2026
                Understanding the Crucial Role of Context in AI Data
                https://www.truthinit.com/index.php/channel/2037/understanding-the-crucial-role-of-context-in-ai-data/
              • 07/21/2026
                04:00 AM
                07/21/2026
                Strategies for Managing AI Governance and Securing App-to-LLM API Traffic
                https://www.truthinit.com/index.php/channel/1967/strategies-for-managing-ai-governance-and-securing-app-to-llm-api-traffic/
              • 07/21/2026
                01:00 PM
                07/21/2026
                HUMAN Dialogue: Insights from Attackers During the FIFA World Cup
                https://www.truthinit.com/index.php/channel/2029/human-dialogue-insights-from-attackers-during-the-fifa-world-cup/
              • 07/22/2026
                06:30 AM
                07/22/2026
                Insights and Innovations in Data Privacy and Digital Protection
                https://www.truthinit.com/index.php/channel/2000/insights-and-innovations-in-data-privacy-and-digital-protection/
              • 07/28/2026
                01:00 PM
                07/28/2026
                Illumio + Netskope: Zero Trust in the Age of AI Autonomy
                https://www.truthinit.com/index.php/channel/2031/illumio-netskope-zero-trust-in-the-age-of-ai-autonomy/
              • 07/29/2026
                04:00 AM
                07/29/2026
                Real-Time Strategies for Safeguarding Against Prompt Injections
                https://www.truthinit.com/index.php/channel/1968/real-time-strategies-for-safeguarding-against-prompt-injections/
              • 07/29/2026
                12:00 PM
                07/29/2026
                Unified Data Security in Action: Uncover, Analyze, and Resolve Threats
                https://www.truthinit.com/index.php/channel/2045/unified-data-security-in-action-uncover-analyze-and-resolve-threats/
              • 08/19/2026
                12:00 PM
                08/19/2026
                Becoming Agent Ready: Insights from Cyera's Expertise
                https://www.truthinit.com/index.php/channel/2036/becoming-agent-ready-insights-from-cyeras-expertise/
              • 09/30/2026
                04:00 AM
                09/30/2026
                AI Command Center: Optimizing Visibility and Control in Your Operations
                https://www.truthinit.com/index.php/channel/2024/ai-command-center-optimizing-visibility-and-control-in-your-operations/

              Upcoming Events

              • Jul
                09

                The HUMAN Experience: Empowering Agentic Trust in Practice

                07/09/202601:00 PM ET
                • Jul
                  14

                  Crafting a Championship-Level Security Team for Unmatched Defense Success

                  07/14/202601:00 PM ET
                  • Jul
                    14

                    Understanding the Crucial Role of Context in AI Data

                    07/14/202602:00 PM ET
                    • Jul
                      21

                      Strategies for Managing AI Governance and Securing App-to-LLM API Traffic

                      07/21/202604:00 AM ET
                      • Jul
                        21

                        HUMAN Dialogue: Insights from Attackers During the FIFA World Cup

                        07/21/202601:00 PM ET
                        More events
                        Truth in IT
                        • Sponsor
                        • About Us
                        • Terms of Service
                        • Privacy Policy
                        • Contact Us
                        • Preference Management
                        Desktop version
                        Standard version