GigaOm Radar for Insider Risk Managementv1.0

Table of Contents

  1. Executive Summary
  2. Market Categories and Deployment Types
  3. Decision Criteria Comparison
  4. GigaOm Radar
  5. Solution Insights
  6. Analyst’s Outlook
  7. About Paul Stringfellow

1. Executive Summary

Insider risk management is the process of identifying, assessing, and mitigating the potential threats posed by organizational insiders. Insiders are people such as employees, contractors, vendors, or partners who have authorized access to the organization’s assets. They may intentionally or unintentionally misuse their access to harm the organization, its customers, or its stakeholders. They may do this via data theft, confidentiality violations, insider trading, fraud, or regulatory compliance violations. A failure to identify and mitigate such risks can greatly impact an organization. These impacts include business disruption, financial losses, damage to customer relationships, and regulatory non-compliance, all of which can negatively affect any business.

A successful insider risk management program should be a high priority for diligent businesses. However, a successful approach should not rely on technology alone. An effective program involves implementing policies, procedures, and controls to prevent, detect, and respond to insider incidents. It requires creating a culture of trust and accountability that makes insiders aware of their responsibilities and the consequences of their actions. It is also not a function of IT alone; it is a multidisciplinary effort that involves collaboration among various functions, such as human resources (HR), legal, security, IT, and compliance.

However, successful insider risk management for any organization will need technology, as the threats are too complex for policies and human management alone. This gap has led to the development of insider risk management solutions. While insider risk management may be an evolving or even new term to some, it brings together a number of well-known mature technologies such as asset discovery, user behavior analytics, and data loss prevention with supporting services such as alerting, reporting, and case management in a cohesive approach that allows security teams to deter, detect, and disrupt insider behavior that poses a risk to important business assets.

This report will focus on technologies that allow organizations to gain insight into insider risk by studying the activities across their technology platforms. These signals are then consolidated to alert organizations to threats, enable their investigation, and take enforcement actions to protect key information assets.

Insider risk management is essential for protecting an organization’s reputation, assets, and competitive advantage. It can help an organization comply with regulatory requirements, enhance its security posture, reduce its operational costs, and improve its customer satisfaction. The threat posed to an organization by insider risks, whether posed by intentional malfeasance or not, is significant and cannot be left unaddressed.

This is our first year evaluating the insider risk management space in the context of our Key Criteria and Radar reports. This GigaOm Radar report examines 15 of the top insider risk management solutions and compares offerings against the capabilities (table stakes, key features, and emerging features) and nonfunctional requirements (business criteria) outlined in the companion Key Criteria report. Together, these reports provide an overview of the market, identify leading insider risk management offerings, and help decision-makers evaluate these solutions so they can make a more informed investment decision.

GIGAOM KEY CRITERIA AND RADAR REPORTS

The GigaOm Key Criteria report provides a detailed decision framework for IT and executive leadership assessing enterprise technologies. Each report defines relevant functional and nonfunctional aspects of solutions in a sector. The Key Criteria report informs the GigaOm Radar report, which provides a forward-looking assessment of vendor solutions in the sector.