Winners' Circle

Paul Mander on Optery, Data Brokers, and Reducing Social Engineering Risk


Listen Later

Paul Mander is helping businesses reduce one of the fastest-growing cybersecurity risks: exposed personal data. As Chief Commercial Officer for Optery for Business, Paul works with enterprises to remove employee data from data broker sites and reduce the information available to threat actors. Optery recently won a Fortress Cybersecurity Award for its work helping organizations protect people, executives, and teams from AI-enabled social engineering attacks.

In this episode, Russ and Paul explore what data brokers are, how they collect and sell personal information, and why exposed data has become a major enterprise security issue. Paul explains how personal details like phone numbers, home addresses, family connections, organizational charts, and email addresses can be used to create more convincing attacks.

They dive into how Optery scans data broker sites, finds exposed profiles, submits opt-out and deletion requests, and verifies removals with screenshots, links, and proof inside the platform. Paul also explains why this is not a one-time cleanup, since data brokers constantly rebuild profiles, rebrand, resurface data, and create new exposures.

The conversation also covers how AI has changed the threat landscape by making social engineering faster, cheaper, more personalized, and easier to scale. Paul shares why IT, finance, HR, and executives are common targets, why BYOD policies create additional risk, and why CISOs are increasingly treating personal data removal as part of the cybersecurity stack.

Along the way, Paul discusses data broker directories, human plus machine workflows, enterprise attack surfaces, employee privacy, consumer control, open web data, and why removing exposed personal data is becoming a proactive defense against the next generation of cyberattacks.

Topics Covered:

[00:01] Welcome and intro, Paul Mander, Optery for Business, and the Fortress Cybersecurity Award win

[00:41] What Optery does and how personal data removal works

[01:15] Why data brokers create risk for enterprises

[02:11] How exposed data enables social engineering attacks

[03:12] Why IT, finance, HR, and executives are major targets

[04:20] Selling personal data removal as an enterprise security solution

[04:51] How CISOs are starting to treat exposed employee data as attack surface

[05:40] Why phone numbers and personal devices can create breach risk

[06:16] BYOD, personal phone numbers, and compromised devices

[07:12] Why this attack surface has been overlooked

[08:00] How AI has made social engineering easier to launch and scale

[09:30] Moving from reactive employee training to proactive data reduction

[10:21] Why data removal is never fully finished

[10:45] How data brokers rebuild profiles and relist information

[11:39] Data broker rebrands, shell companies, and whack a mole removals

[12:16] How Optery proves what it found and what it removed

[13:31] Why executive exposure can make the risk feel real

[14:06] What Paul has seen in exposed personal data

[15:27] Why AI search changes how people should think about exposure

[16:06] Why new data appears constantly

[16:22] Why Optery uses humans plus machines for removals

[17:02] Why professionals may want visibility but still need control

[19:24] Why Optery open sourced its data broker directory

[20:31] Where the personal data removal industry is headed

[21:01] Why data removal may become part of the cybersecurity stack

[22:00] Consumer control, privacy laws, and where personal data goes next

[22:43] Why personal data removal is more like an ongoing insurance policy

[23:19] Why exposed data requires proactive monitoring

[23:57] Final thoughts on social engineering, personal data, and cybersecurity risk

...more
View all episodesView all episodes
Download on the App Store

Winners' CircleBy Business Intelligence Group Winners' Circle