Troy Batterberry

At EchoMark, we're proud to work alongside a growing ecosystem of security leaders helping organizations get ahead of insider leaks - one of the most persistent and underestimated threats facing enterprises today. We're thrilled to announce that Deloitte is now part of that ecosystem. Together, we'll help their clients identify the source of leaked information using EchoMark's invisible forensic watermarking technology, turning what's often an unsolvable mystery into a definitive answer. Ultimately the goal is to instill more trust inside organizations and to help remedy when that trust is broken. Thank you to the Deloitte team for this customer-focused partnership. We're excited for what's ahead. https://t.co/pCIDQWvoEj

Are you really an entrepreneur…or a lemming posing as an entrepreneur? I was talking with a very gifted serial entrepreneur yesterday about a key GTM strategy for my business. After an energizing discussion, we both came to the same conclusion about the right ongoing strategy. But then I made a mistake. I fell into the lemming pit. I falsely gained comfort that because this strategy was successfully utilized by others in the past, it somehow bolstered its direct applicability to my business. WRONG! It's merely a coincidence. Building a startup requires you to fearlessly embrace the unknown and NOT seek comfort in what others have done before…because what has been done before simply does NOT matter for entrepreneurs. Your vision for the future matters. In fact, depending too much on the past will drive you towards incrementalism or worse avoidance, which is the death knell of entrepreneurial behavior. You instead need to fearlessly do what the market AND your business needs to achieve your vision of the future, regardless of what has happened in the past. Leverage the past for diversity of ideas for sure…but not for comfort. And, if you are seeking comfort, you are missing the point of being an entrepreneur. #BlazeANewTrail

"Insider threats surged in 2025, with a 69% rise in employees advertising access on the dark web compared to 2024." Insiders are causing tremendous damage with theft/leaks. This "threat from within" requires a new security posture. EchoMark's game-changing approach can help. We have redefined how to protect intellectual property. https://t.co/vyMVEPaZra

EchoMark has just won the Cybersecurity Breakthrough Award for “Insider Threat Detection Platform of 2025.” So much of our team’s great work serving our customers rightly needs to remain confidential. It’s inspiring to see their great work publicly acknowledged too. Congratulations, team EchoMark! Your skills, teamwork, and tenacity are blazing new trails using steganography, computer vision, AI, and more in ways no one else had envisioned. Ultimately, you are helping keep private information private. One additional (important) note – this award was earned - it is NOT a “pay to play”. Special thanks to Tech Breakthrough for doing the work to recognize innovation across the cybersecurity industry. #datalossprevention #insiderthreat #insiderrisk #echomark https://t.co/R9ZfYLqyzi

"You'll never need to work again." This is the offer ransomware vendors are making to YOUR employees in exchange for them granting them access your IT systems. Most of course will say NO. But it only takes one to say YES. A majority of company security teams are now viewing insiders as being a bigger risk than external actors (acting alone). It is time to rethink your threat vectors. Sadly, the BBC story is becoming more and more common. https://t.co/Q9QEaHsYVp

A new intellectual property theft lawsuit is a glaring warning to the AI industry. Elon Musk’s xAI is suing a former engineer for allegedly stealing trade secrets related to its Grok chatbot and taking them to OpenAI. Intellectual property theft isn’t just a corporate issue: IP protections drive innovation and economic growth, fueling technological breakthroughs for the good of humanity. But as events like these show, proprietary information is now more threatened than ever – especially by the very insiders entrusted to protect them. The theft of strategic IP could determine the difference between winning and losing today’s cutthroat AI arms race. And for every insider who gets caught, there are orders of magnitude more that don’t. Many current technologies designed to guard against insider threats are simply insufficient. Without intentional accountability and traceability, any system can become vulnerable to someone with trusted access walking out with tomorrow’s roadmap. At EchoMark, we embed invisible, individualized watermarks into sensitive documents like emails and presentations so when a leak happens, you don’t have to detect it by hindsight – you know exactly who handled it. Now more than ever, enterprises must treat IP like the fragile asset it is and build defenses that deter theft before it starts. The xAI case won’t be the last – the big question is which companies will be prepared when it’s their turn. https://t.co/kgwVhkdxGe

From government agencies to Fortune 500 boardrooms, the pattern is the same. A company hits turbulence, an insider leaks information about the change, and leaders react with suspicion and clamp down on the flow of information, setting off another round of leaks. The good news is that this leak doom loop can be broken. I explain this cycle in my latest piece for Forbes Technology Council. https://t.co/H2M9k9mVnK

"If you're an American company that's hired contract IT workers over the past few years, you've probably hired a North Korean." A chilling fact from Bloomberg Businessweek’s “Confessions of a Laptop Farmer: How an American Helped North Korea’s Wild Remote Worker Scheme” on Pyongyang’s sprawling network of operatives who pose as remote IT contractors – programmers, designers, database admins – and get hired by U.S. companies including Fortune 500s. And once inside, these operatives aren’t just doing contract IT work. Many are also quietly exfiltrating sensitive data, targeting industries from crypto to defense, and in some cases, extorting their employers with the threat of exposure. This is industrial espionage in its purest form – and a stark reminder that insider threats don’t always come from disgruntled employees. Sometimes, they arrive in the form of a remote contractor and a willingness to work for $50. The takeaway? Insider threats are becoming more pervasive than ever, and companies need to take every step possible to safeguard their data – even from their own hires. At EchoMark, we make it simple and seamless to establish a more secure and traceable system for sharing. Our invisible, individualized watermarks make it possible to know exactly who handled sensitive information, no matter where they’re working from or how they accessed it. Whether long-time employee or North Korean spy, the threats are there – and we’re here to help companies protect the information that matters most. https://t.co/Yf9xN70MuM

What do many of the top companies on the newly-released Fortune 500 sadly all have in common? Insider leaks. Here are a few of the recent examples: 👎AT&T CEO John Stankey came under fire for defending the company’s strict return-to-office policy after an internal memo leaked to Entrepreneur last weekend 👎Amazon CEO Andy Jassy memo criticizing the company’s bureaucracy was published in full by Business Insider 👎Walmart memo on job cuts quickly showed up in USA Today 👎Apple document that detailed the company’s system for scoring AI digital assistant responses appeared on Search Engine Land These leaks do real damage. They damage the company brand and customer trust from the inside out. They harm team morale, inform competitors, and undermine investor confidence. Perhaps most importantly, they impede future communications from leadership…the very lifeblood of an organization. EchoMark solves this by silently embedding invisible, individualized digital watermarks into every document, memo, or email. If EchoMarked information is ever leaked through a digital copy/fragment, a camera photo of a computer screen or printout, or even manually re-typed into another computer, the source can be quickly identified. EchoMark’s AI-powered system builds a culture of trust and accountability rather than suspicion and silence. The question facing the Fortune Global 500 (and every company, really) is simple: are you taking the right measures to stop damaging leaks? https://t.co/MUeEISHnyQ

"Are you crazy???? Why would you want more regulation???" In cybersecurity, we often evangelize technology as THE solution to all our problems. Modern tech can be great. But if the modern tech isn't actually used, we still suffer. Take identity management as one example. There continues to be online services that STILL don't support modern authentication such as multi-factor authentication (or better yet passkeys). Some services that do support modern authentication do so optionally and/or make it super hard to enable. Anyone who has done software design knows how optional features are typically NOT used by a majority of users...leaving them highly vulnerable. These online services know better. Perhaps they are wrongly concerned about losing users during the signup process. (Many of those "signups" are frankly BOTs anyway.) Or perhaps they are facing budget constraints or other prioritizations that are inhibiting them from making changes and doing the right thing. So they put it off. In the meantime, hackers take advantage of weak identity security, log in, and do tremendous damage to the user and the online service. Over 80% of all cybersecurity incidents are not from people "hacking in" - instead they are logging on with stolen credentials. Yeah. 80%. Modern authentication can stop a vast majority of them...if it is used. We have consumer protections for privacy. Some were absolutely needed - while others got a bit carried away (as in the case of privacy cookie banners). As I shared with Brianna Monsanto at IT Brew (article in comments), it's time to consider sensible regulation protections for security too - as long as it is balanced and kept current with the changing environment. It can be done in a way that is FAR less burdensome than some of the past privacy protections, and frankly would help protect FAR MORE users from nefarious activities. This will nudge the countless organizations dragging their feet to do the right thing, and dramatically slow the flow of $$$ to terrorist organizations. I have ZERO skin in the game for selling modern authentication systems. That is not our business. But I am a consumer who has suffered one too many breaches from stolen credentials (of others) that should have never happened. As an industry, we need to finally fix this and stop funding illegal activities through ransomware, etc. Modern authentication should be required.