​Insider Risk Assessments

Insider Threat Management Group, LLC.

We understand risk! (Most security practitioners don't!!)

1.  What is my organizations’ current insider risk management capability?

2.  Which components do I currently have and which do I need to develop?

3.  What is the maturity level of each?

4.  What is the level of effort required to achieve an Initial Operating Capability?

5.  What is the level of effort required to achieve a Full Operating Capability?

6.  What are the resource requirements to achieve IOC/FOC?

7.  Which components should I create first to maximize effectiveness and utilize resources most efficiently?  

Our assessments will provide you with granularity that cannot be achieved through any other provider or methodology on the market today.  

Measurable


Our proprietary review methodology and framework provides an objective measure of your current insider risk management capabilities across the ten insider threat program components.


Effective


Understanding your strengths and weaknesses will allow you to more effectively manage insider risks. 


Value-Added


You will understand your 1) overall insider risk management operating capability level 2) your operating capability for each of the ten components 3) your strengths and areas of improvement for each of the ten components and 4) recommendations for improving each of the ten components. Our clients experience immediate return on investment as they are able to allocate resources in a more tailored and cost-effective manner and can answer the following questions:

Understanding your risk posture is an essential step in developing an insider threat program strategy. Our assessments explore the entire organization, including your assets, business environment, threats,
vulnerabilities, security governance, and legal issues. We merge technical, behavioral, process, and policy issues into a single, actionable framework designed to capture all of the Key Risk Factors (KRFs) bearing on the prevention, detection, and mitigation of insider threats.


Our proprietary one-of-a-kind insider risk assessment methodology

combines the best practices of traditional assessment methods (NIST,

ISO and COBIT) with real-world intelligence-grade risk assessment

approaches. The purpose is to identify, understand, and prioritize

risks with an emphasis on proportional and tailored solutions. Our 

assessment methodology is the only one developed by former

Intelligence Community experts with experience in preventing,

detecting, and managing today’s most complex and unique insider

threats.


Our assessment is the only methodology that provides you with a clear and granular

understanding of:


• Insider risk security posture based on our proprietary Key Risk Factors
• Critical assets based on our proprietary Key Impact Factors
• Insider threats posed to your organization based on our proprietary Key Threat Factors
• Vulnerabilities to your assets based on our proprietary Key Vulnerability Factors
• Insider risks posed by third-parties and trusted business partners