10 Steps to Kicking Off Your Insider Threat Program
By Mark Wojtasiak, vice president, Code42
Malware, ransomware and other external cyber threats are usually the security threats that grab the most
headlines. You might be surprised to know that insider threats are one of the largest unsolved issues in
cybersecurity, according to McKinsey. A staggering half of all data breaches between 2012 and 2017
were derivative of some insider threat element. And in the last month alone, we’ve seen three high profile
cases of employees stealing sensitive information from McAfee, Desjardins Bank and SunPower Corp.
However, while businesses know they have to address this looming risk, they’re often stuck trying to
figure out, “Where do we start?”
Sure, it’s easy to just say, “build a comprehensive insider threat program,” but that’s daunting, time-
consuming, expensive and complex. Building an insider threat program goes far and beyond “best
practices.” It usually involves an entire team dedicated exclusively to insider threat detection and
response, which sounds nice, but not realistic for those security teams working with a tight budget and
limited team resources.