Pattie Dillon: Take the leap. [Anti-fraud] [Career Notes] - CyberWire Daily

Summary5 min read

CyberWire Daily Summary Episode: Pattie Dillon: Take the Leap
Release Date: May 25, 2025
Host: N2K Networks

Introduction

In this episode of CyberWire Daily, host Patty Dillon, Product Manager for Anti-Fraud Solutions at Spy Cloud, shares her extensive experience in the cybersecurity and anti-fraud sectors. Dillon delves into her career journey, the evolution of fraud prevention technologies, the significance of underground data in combating online fraud, and offers valuable insights for aspiring professionals in the field.

Career Journey and Transition

Patty Dillon begins by recounting her personal and professional evolution. Initially dedicated to her roles as a wife and mother, Dillon felt a compelling urge to find a fulfilling career as her children grew older. This led her to explore various career paths, ultimately igniting her passion for fraud prevention.

"I felt like I was really missing something. And so I went out and found a number of different careers that I enjoyed. But the one that was most interesting to me and I had the most passion for was preventing fraud."
(Patty Dillon, 01:04)

Dillon has dedicated nearly two decades to the anti-fraud and cybersecurity domains. Her entrepreneurial spirit led her to establish a small company in upstate New York, catering to small and medium-sized businesses, including an online tobacco retailer seeking robust age verification solutions.

Evolution of Fraud Prevention Technologies

Dillon discusses her early foray into the data landscape, emphasizing the vastness and complexity of available information. Her commitment to privacy-oriented solutions drove her to innovate beyond traditional methods that required sensitive data like the last four digits of Social Security numbers.

"If we're going to build this, I'd really like to make sure that it's more privacy oriented and people aren't required to put in the last four digits of their social or whatnot."
(Patty Dillon, 01:04)

This approach was ahead of its time, as the industry has since moved towards identity verification methods that do not rely on such sensitive information. Her work in identity verification naturally extended into broader anti-fraud measures, allowing her to significantly impact fraud prevention strategies.

Transition to Spy Cloud and Leveraging Underground Data

Dillon's career trajectory led her to Spy Cloud, where she focuses on product development aimed at utilizing underground databases to prevent fraud. She highlights that Spy Cloud leverages one of the most comprehensive underground databases globally, enhancing their ability to identify and mitigate fraud risks effectively.

"At Spy Cloud we're building products that are leveraging in my opinion, one of the most robust and complete underground databases in the world."
(Patty Dillon, 01:04)

She emphasizes that online fraud is deeply rooted in data breaches and leaks. Therefore, understanding and utilizing breached data is crucial for identifying risk profiles, moving beyond mere device-level analysis to comprehensive identity risk assessment.

Misconceptions About Underground Data in Fraud Prevention

Dillon addresses two prevalent misconceptions that hinder the effective use of underground data in fraud prevention:

Uniform Exposure Assumption: The belief that every user has an equal likelihood of being exposed to fraud, which Dillon refutes by explaining that exposure varies significantly among users.

"Every user is equally exposed, which is not true."
(Patty Dillon, 01:04)
Criminal-Only Value of Breached Data: The notion that breached data solely benefits criminals is incorrect, as Dillon argues that such data can be instrumental in identifying and mitigating fraud risks.

"Breached data is only valuable to criminals. Again, not true."

(Patty Dillon, 01:04)

By debunking these myths, Dillon underscores the strategic advantage that underground data provides in both identifying high-risk individuals and recognizing those with low risk, thereby enhancing the precision of fraud prevention efforts.

Challenges for Women in Anti-Fraud Professions

Reflecting on her experiences, Dillon acknowledges the limited opportunities available to women in the early stages of her career. To overcome these barriers, she proactively created her own opportunities, demonstrating resilience and determination.

"There weren't a lot of opportunities for me as a woman to take advantage of early on, so I sort of made my own."
(Patty Dillon, 01:04)

Dillon highlights the broader issue within businesses where fraud divisions are often under-resourced compared to growth-oriented departments. This imbalance places significant pressure on fraud professionals, who must strive to protect organizations despite limited support.

"A lot of times in businesses the fraud division is a lot smaller than sort of like the business growth division. And that disparity can really over tax the people in that fraud division who are trying their hardest to make things right on one side."
(Patty Dillon, 01:04)

The Importance of Knowledge Sharing and Collaboration

Dillon advocates for the sharing of success stories and attack methodologies as a means to strengthen the collective defense against cybercrimes and fraud. By openly discussing vulnerabilities and remediation strategies, the industry can build a more robust and resilient defense framework.

"The more that we can share with others of how we've remediated those weaknesses, the stronger that we're going to be in the fight against the cyber crimes and the fraud."
(Patty Dillon, 01:04)

Advice for Aspiring Anti-Fraud Professionals

For individuals interested in pursuing careers in anti-fraud and cybersecurity, Dillon offers several key pieces of advice:

Align with the Mission: Passion and a strong commitment to preventing fraud are essential.

"You need to align with the mission. Also having a desire and a passion to prevent the fraudulent cyber attack kind of events."
(Patty Dillon, 01:04)
Continuous Learning and Networking: An insatiable appetite for knowledge and building connections within the industry are crucial for success.

"If you have that and read insatiably and network with people, there's definitely an opportunity."
(Patty Dillon, 01:04)
Taking Risks: Embracing the philosophy of taking leaps of faith can lead to fulfilling and impactful careers.

"If you don't try, you'll never know. ... I don't feel that I would have been as fulfilled had I not taken that leap."
(Patty Dillon, 01:04)

Dillon emphasizes the importance of a strong support system in overcoming challenges and achieving career fulfillment, underscoring the interplay between personal resilience and professional success.

Conclusion

Patty Dillon's insights offer a comprehensive look into the anti-fraud landscape, highlighting the critical role of underground data, the challenges faced by professionals—especially women—in the field, and the imperative of collaboration and continuous learning. Her journey from personal fulfillment to leading anti-fraud initiatives serves as an inspiring blueprint for aspiring cybersecurity professionals.

Notable Quotes:

"If we're going to build this, I'd really like to make sure that it's more privacy oriented and people aren't required to put in the last four digits of their social or whatnot."
(Patty Dillon, 01:04)
"Every user is equally exposed, which is not true."
(Patty Dillon, 01:04)
"You need to align with the mission. Also having a desire and a passion to prevent the fraudulent cyber attack kind of events."
(Patty Dillon, 01:04)

This summary encapsulates the key discussions and insights shared by Patty Dillon in the episode, providing a comprehensive overview for listeners and those interested in the nuances of fraud prevention and cybersecurity.

Loading summary

Transcript4 lines

[00:02]
Patty Dillon
You're listening to the Cyberwire Network, powered by N2K.
[00:13]
Dave
Worried about cyber attacks? Cyber Care from Storm Guidance is a comprehensive cyber incident response and resilience service that helps you stay prepared and protected. A unique onboarding process integrates your team with industry leading experts, so if an incident occurs, your response is optimal. Get priority access to deeply experienced responders, digital investigators, legal and crisis PR experts, ransom negotiators, trauma counselors and much more. The best part, 100% of unused response time can be repurposed for a range of proactive resilience activities. Find out more at Cyber Care Cyberwire.
[01:05]
Patty Dillon
My name is Patty Dillon. I'm the product manager for anti fraud solutions at Spy Cloud. I guess really like way back, because of my age, I'm not a spring chicken. It was just like being a wife and a mother and so I honestly loved doing that too. But as my kids were growing up, I felt like I was really missing something. And so I went out and found a number of different careers that I enjoyed. But the one that was most interesting to me and I had the most passion for was preventing fraud. I've been doing this for, geez, close to 20 years. Anti fraud space, cybersecurity space. I had a small company in upstate New York and it served a number of small to medium sized businesses and one of those businesses was an online tobacco business. So there's many different types of tobacco being sold online now, but at the time it was very limited and the individual wanted to look for some sort of age verification solution. I got into the data world and honestly was flabbergasted by how much information was out there and said, wow, if we're going to build this, I'd really like to make sure that it's more privacy oriented and people aren't required to put in the last four digits of their social or whatnot. Then of course now it's very standard not to have to use the last four digits of social for identity. Beyond that, we started working on identity verification and one thing led to another and everything sort of exploded in terms of in my mind from a fraud perspective, you know, how much we could help to prevent. I left that company and started working with gift cards and then was exposed to learning about money laundering. That led me then to underground data, understanding that and then starting to work with Spy Cloud on product development around that. And the product development started in the age verification piece of it and was in good stand all the way through my career. At Spy Cloud we're building products that are leveraging in my opinion, one of the most robust and complete underground databases in the world. We're looking at different ways to use that data to try and help prevent fraud. You know, understanding that breaches and leaks are really at the core of this online fraud. It's really more about identifying the risk of that identity versus just looking at devices to try and solve for fraud. It's been my experience that it's sort of a misunderstood type of data. There's really two core assumptions hindering the use of underground data to fight online fraud. And first is that every user is equally exposed, which is not true. And second, that breached data is only valuable to criminals. Again, not true. So the truth that I'd like to sort of impart to the audience is that fraud prevention can benefit from that breached exposed underground data. It really does provide signals of the user's risk, can help not only identify high risk, but it can also identify low risk. There weren't a lot of opportunities for me as a woman to take advantage of early on, so I sort of made my own. I guess the other pieces that I would like to change if at all possible, would be that as a anti fraud professional, a lot of times in businesses the fraud division is a lot smaller than sort of like the business growth division. And that disparity can really over tax the people in that fraud division who are trying their hardest to make things right on one side. I believe that being able to share the stories and being able to share the things that have been successful in preventing and what the types of attacks were that are happening are so important. Everybody has this weakness and the more that we can share with others of how we've remediated those weaknesses, the stronger that we're going to be in the fight against the cyber crimes and the fraud. Anybody that's looking to get into this type of industry or career, you need to align with the mission. Also having a desire and a passion to prevent the fraudulent cyber attack kind of events. And if you have that and read insatiably and network with people, there's definitely an opportunity. I have always been a person who said if you don't try, you'll never know. I did have a very good support system and it made it much easier certainly than maybe somebody that wouldn't have had that support system. But I don't feel that I would have been as fulfilled had I not taken that leap.
[08:11]
Dave
Foreign hey everybody, Dave here. I've talked about delete me before and I'm still using it because it still works. It's been a few months now, and I'm just as impressed today as I was when I signed up. Deleteme keeps finding and removing my personal information from data broker sites. And they keep me updated with detailed reports so I know exactly what's been taken down. I'm genuinely relieved. Knowing my privacy isn't something I have to worry about every day. The Deleteme team handles everything. It's the set it and forget it peace of mind. And it's not just for individuals. Deleteme also offers solutions for businesses, helping companies protect their employees personal information and reduce exposure to social engineering and phishing threats. And right now, our listeners get a special deal. 20% off your delete me plan. Just go to JoinDeleteMe.com N2K and use promo code N2K at checkout. That's JoinDeleteMe.com N2k code N2K.