[Part 1 of 4] How to kick-off your insider risk program

July 13, 2017 Cary Williams

Part 1: Review the first two of eight components to building a successful insider risk detection program that goes beyond network monitoring.

One of the most common questions posed by customers looking to either launch a new insider risk program or improve their existing efforts in threat detection–where do I start? How do I kick-off my insider risk program to go beyond solely network monitoring?

There are eight components every organization must consider when building a successful program. In this first of a four blog series, let’s start the discussion with the need for leadership advocacy and a proper governance structure.

Leadership Advocacy

At Leidos, we prefer to use the term advocacy because executive “buy-in” or mere support is not sufficient to develop a successful insider risk program.

A new program, or an existing but fledgling program, needs senior organizational evangelists to succeed.

First, understand the playing field in which you want to deploy a risk program, and demonstrate that the program aligns with the company’s corporate culture. Simply, the insider risk program has to “fit in” with the organization’s mission, vision, and values.

Next, your leadership evangelists need to not only understand but confidently convey, the benefits of an insider risk program. Benefits may include:

  • deterring potential insiders
  • safeguarding corporate brand and reputation
  • protecting intellectual property and informational assets
  • improving shareholder and customer confidence
  • assist and retain employees

This top-down advocacy is not only critical to launching the program, but it also supports the program’s oversight and provides long-term resourcing and sustainment. If you can’t use your executive leadership team to be your evangelists, it may be a bit of an uphill struggle.


In addition to executive leadership advocacy, it is imperative to establish a sound governance structure.

To do so, identify key stakeholders and create a steering committee. The steering committee should provide strategic guidance in the development and deployment of the program, dispense critical oversight, and communicate with the leadership team and board of directors.

Steering Committee membership includes the program’s Executive Sponsor, Information Technology, Corporate Security, Human Resources, Legal and Privacy, Ethics and Compliance, Strategy, Finance, Communications, and other key stakeholders from across the organization, as appropriate.

For Leidos, our steering committee is at the vice president’s level with membership from the right functional areas. It includes an internal audit and presentations to the executive leadership team and board of directors that demonstrate we are executing the mission based on our approved concept of operations.

The bottom line—top-level executives, must actively support and participate in the program.

Coming Soon – Part Two: Set the Foundation for Your Insider Risk Program Success

In my next post, I will discuss why you need a communication strategy and the importance of documentation when developing the foundation of a successful insider risk program.

Need Help with Your Insider Risk Program

As the workplace becomes more complex and insider risks increase, organizations must ensure they can detect anomalies and prevent incidents before they happen. Leidos is your trusted partner to ensure the protection of your company’s critical assets and help you prevent an insider incident before it occurs.

Our array of insider risk solutions and team of insider risk experts are ready to assist you through all phases of assessing your current risk profile, creating and administering a comprehensive insider risk management program – including the best technology for your specific needs –  and helping you to respond to insider incidents if they do occur properly.

Contact us to talk to one of our insider risk experts today or download the white paper and explore the eight components every organization must consider when building a successful insider risk program.


Previous Article
The ITIL barrier to DevOps success
The ITIL barrier to DevOps success

The DevOps movement has renewed excitement in the IT industry and began bridging the expectation gap betwee...

Next Article
The Cyber Workforce, Part 1: Where we are and where we need to be
The Cyber Workforce, Part 1: Where we are and where we need to be

This is the first in a five-part series that analyzes the current and future state of the cybersecurity wor...