Five Steps to Building an Effective Insider Threat Program

  • LANGUAGE: English DATE: Thursday, December 13, 2018 TIME: 4:00pm CET, 10:00am EST, 7:00am PST
Upcoming Webinars
Five Steps to Building an Effective Insider Threat Program

The greatest cybersecurity threat an organization faces is no longer the malicious outsider hacking from beyond network firewalls. It is the insiders - the contractors, third-party vendors, and even your own privileged employees who already have full access to your company's systems and sensitive data. Any of those can cause substantial damage to your business by leaking confidential information, disrupting access to a critical system or simply draining your bank account. The most privileged users in this regard are no longer the IT administrators, but the CEO or CFO, and the number of new attacks targeting them specifically is on the rise.

Recent studies show that the damage caused by a malicious insider can quickly grow to millions of dollars, and simple employee negligence can, in fact, be the costliest threat to your business. Addressing this type of threat requires a completely different approach to cybersecurity – after all, traditional security solutions like firewalls or antiviruses are not designed to stop legitimate users from doing their daily jobs with a malicious twist.

Join this KuppingerCole webinar to learn the top five steps for building and maintaining an effective insider threat program, with best practices and real-life examples that you can use. We are going to cover the following topics:

  • The different types of potential malicious insiders and their motivations
  • How to determine if your organization is doing enough to address the insider threats
  • Five key elements to building an effective insider threat strategy
  • Designing an insider threat management strategy as a combination of people, processes and technology – in that order!

In the first part of the webinar, Alexei Balaganski, Lead Analyst at KuppingerCole, will explain the growing significance of insider threats and provide an overview of different types of malicious insiders, their motivations and the damage they can cause. He will also outline the scope and requirements for a sensible insider threat management strategy.

In the second part, Simon Sharp, VP International at ObserveIT, will demonstrate how organizations need to move beyond IT and think of an insider threat management strategy as a combination of people, processes and technology. He will talk about the real-life cases and best practices for organizing these processes and present a technical overview of the technologies behind them.


Alexei is an analyst with specific focus on cybersecurity. His deep technical understanding allows him to support customers even with complex architectural and security challenges. Previously he has served as KuppingerCole's CTO. After graduating with an MSc degree in Mathematics and...

With more than 18 years of leadership and management experience in cybersecurity, fraud and telecommunications, Simon leads ObserveIT’s international strategy, management and execution. He has held strategic management and leadership roles with market-leading cybersecurity organisations...

Lead Sponsor

ObserveIT empowers organizations to detect, investigate and stop insider threats. Purpose-built from the ground up, our uniquely agile threat management platform provides the intelligence that safeguards organizations’ most valuable assets.

With 300+ out-of-the-box insider threat indicators of compromise, rich metadata and outstanding search capability and playback of any policy violation, ObserveIT provides comprehensive visibility into what people – contractors, privileged users and high-risk users – are doing, and reduces investigation time from days to minutes. For more information visit:

Watch now


Trending Videos

Next Webinar


A DevSecOps Maturity Model for Secrets Management

Recent high-profile software supply chain attacks have highlighted the importance of security in the DevOps environment. But this can be challenging because DevOps teams are at the forefront of digital transformation and use agile techniques to deliver applications quickly, often not following traditional paths of identity management.

Become a Sponsor


+49 211 23707710
Mo – Fr 8:00 – 17:00