ABOUT ITMG

ITMG helps insider-risk leaders move from reactive detection to proactive exposure management.

Built by insider-risk practitioners, ITMG helps organizations make sense of alerts, assessments, risk registers, profiles, roadmaps, and program activity — so leaders can understand exposure, prioritize action, and prove progress.

RiskTKO is the platform ITMG built to make that work repeatable, measurable, and executive-ready.

Built on 25 years of insider risk leadership

RiskTKO was created from decades of ITMG work across national security, Fortune 500 advisory, enterprise investigations, insider-threat program design, and executive risk governance. The platform reflects a simple belief: insider risk is not just a detection problem. It is a management problem.

100+
Fortune 500 clients
20,000+
Consulting hours
150+
Capability Assessments
300+
Insider Risk Engagements
Google company logo - ITMG enterprise client
Apple company logo - ITMG enterprise client
Dell company logo - ITMG enterprise client
Nike company logo - ITMG enterprise client
Baxter company logo - ITMG enterprise client

Selected ITMG enterprise consulting clients

WHY ITMG EXISTS

Most insider-risk programs do not fail because they lack tools. They struggle because they lack a decision layer.

Enterprise insider-risk teams often have more activity than clarity. They have alerts, investigations, assessments, training, policies, risk registers, DLP signals, UEBA outputs, case notes, and executive questions — but no consistent way to connect those inputs into exposure, priority, action, and proof.

Friction: Activity vs Exposure Reduction

The Leadership Friction

Leaders ask whether the program is reducing risk, but teams can only describe activity.

Friction: Signal volume vs Remediation roadmap

The Analyst Friction

Analysts see issues, but teams lack a clear way to decide what to fix first.

Friction: Signals vs Business-centric decisions

The Tool Friction

Technical tools generate signals, but those signals do not automatically become business decisions.

Friction: Static findings vs Multi-year funding

The Assessment Friction

Assessments produce findings, but findings often stall before becoming funded roadmaps.

ITMG exists to close that gap.

OUR ROLE

We help insider-risk teams turn program complexity into exposure clarity.

ITMG works at the intersection of insider-risk governance, investigations, legal and compliance requirements, technical controls, executive reporting, and program transformation. We help organizations decide where exposure exists, what matters most, what actions should be prioritized, and how progress should be demonstrated.

Assess exposure

Establish where insider-risk exposure exists today, what conditions are driving it, and where the program needs more confidence or coverage.

Prioritize action

Translate findings into ranked recommendations, roadmap decisions, ownership, and sequencing.

Strengthen governance

Clarify decision rights, stakeholder responsibilities, operating cadence, escalation paths, and executive oversight.

Prove progress

Convert program activity into metrics, evidence, maturity improvement, and leadership-ready reporting.

FROM EXPERIENCE TO PLATFORM

RiskTKO was built for the work detection tools do not manage.

Insider-risk teams are asked to do more than detect threats. They have to assess exposure, prioritize limited resources, brief executives, justify decisions, track progress, and show measurable program improvement.

Much of that work still happens outside traditional tools — across assessments, risk registries, organizational profiles, insider profiles, roadmaps, spreadsheets, and recurring briefings.

RiskTKO brings that management work into one structured flow. It starts with defined program inputs and turns them into exposure clarity, recommended actions, roadmap clarity, and defensible evidence.

No deployment is required to begin. RiskTKO starts with the program knowledge your team already has.

Operational & Strategic Flow

Inputs
Exposure Clarity
Prioritized Actions
Roadmap Decisions
Executive Proof

Built for the operational and strategic layers of insider-risk management — where leaders need clarity, prioritization, defensibility, and measurable progress.

FOUNDER
Shawn M. Thompson, Esq. - Founder and CEO of ITMG and creator of RiskTKO

Meet Shawn M. Thompson, Esq.

Founder of ITMG. Insider-risk executive. Attorney. Senior Special Agent.

Shawn M. Thompson, Esq. is a nationally recognized insider-risk executive, attorney, and former senior federal official with more than two decades of experience across insider threat, counterintelligence, cyber, employee investigations, legal strategy, and national security.

He built and led Google’s Global Insider Risk Management service, helping elevate insider risk from tactical monitoring to executive risk management. His work connected assessments, technical signals, governance, maturity measurement, and board-level risk conversations into repeatable enterprise offerings.

Before Google, Shawn founded ITMG and built a specialized insider-risk advisory practice supporting more than 300 engagements, 150 capability assessments, and 20,000 consulting hours for over 100 Fortune 500 clients, including Nike, Apple, Dell, and Baxter. His advisory work helped organizations move beyond fragmented tools and ad hoc investigations into measurable programs with maturity baselines, risk registries, prioritized roadmaps, governance models, and executive reporting.

Shawn previously served at the National Security Agency as an Insider Threat Program Manager, Senior Special Agent, and Senior Litigation Attorney, where he helped expand NSA’s insider-threat program into a governed enterprise capability covering vetting, monitoring, investigations, controls, training, policy, compliance, and executive coordination. He also chaired the Intelligence Community Insider Threat Mission Group and contributed to national insider-threat policy.

At the FBI, Shawn served as Assistant General Counsel and supported investigations involving economic espionage, insider threats, cyber intrusions, counterintelligence, and national security. He also contributed to the successful prosecution of ten Russian spies linked to the Russian Illegals Program.

Shawn is the author of multiple insider-risk publications, including Insider Risk Management, Insider Threat Program: Your 90-Day Plan, and The Ultimate Guide to Building an Insider Threat Program.

Former

  • NSA Insider Threat Program Manager
  • FBI Assistant General Counsel
  • Federal Prosecutor
  • Google Global Insider Risk Practice Lead

Advisor to

Fortune 500 insider-risk, cyber, legal, compliance, and investigations teams.

Author of

  • Insider Risk Management
  • Insider Threat Program: Your 90-Day Plan
  • The Ultimate Guide to Building an Insider Threat Program
WHY THIS MATTERS

Insider risk sits at the intersection of people, data, law, technology, and leadership.

That is why ITMG’s perspective is different. We do not view insider risk as only a security-monitoring challenge. Effective insider-risk management requires cross-functional alignment, defensible decision-making, proportional action, legal and compliance awareness, technical signal interpretation, and executive communication.

01

Legal and regulatory judgment

Insider-risk decisions often involve privacy, employment, compliance, investigations, regulatory exposure, and proportionality. ITMG brings legal and investigative experience to help teams make decisions that are practical and defensible.

02

Operational program leadership

Insider risk requires more than policies and alerts. Programs need governance, cadence, decision rights, escalation models, risk ownership, and measurable maturity improvement.

03

Technical signal translation

Technical signals only create management value when they are connected to exposure decisions, cohort context, investigations, control gaps, and roadmap priorities.

04

Executive risk communication

Leadership does not need more raw findings. Leaders need clear exposure narratives, prioritized actions, forecasted improvement, and evidence that the program is reducing risk.

EDUCATION AND ENABLEMENT

Helping insider risk mature from detection to exposure management.

ITMG’s work extends beyond advisory and technology. Through training, publications, and executive community-building, ITMG has helped shape how organizations think about insider-threat and insider-risk program maturity.

Shawn created the ITMG Academy and founded the Insider Risk Advisory Council to strengthen the market leadership pipeline and executive best-practice community.

Thought Leadership Spotlight

As a pioneer in modern insider risk exposure management, ITMG has championed the industry shift from reactive alert-chasing to proactive, outcome-driven exposure models that allow organizations to consistently measure, prioritize, and reduce exposure.

Ready to see what exposure management looks like in practice?

RiskTKO helps insider-risk teams move from fragmented inputs to exposure clarity, prioritized action, forecasted impact, and executive-ready proof.

Ready to see the platform?

Walk through the RiskTKO command center, exposure workflow, and executive-ready outputs.

Need a baseline first?

Use an ITMG-guided exposure assessment to clarify your current exposure, capability gaps, and priority actions before you evaluate next steps.

Want proof before you engage?

Review a sample exposure briefing to see how RiskTKO turns fragmented inputs into executive-ready evidence.