ITPM as a Service
The Insider Threat Program Manager (ITPM) is a new and expanding senior level role in corporate information security. The ITPM is responsible for identifying, measuring, and mitigating risks posed by trusted insiders. They develop and manage formal insider threat management programs and integrate insider threat management policies and procedures into existing information security governance structures. The ITPM also must identify and implement insider threat solutions and services in a cost-effective manner.
There is a shortage of experienced individuals capable of successfully meeting the ITPM requirements. A simple training certificate is insufficient to meet these demands. A true ITPM should have at least 10 years of hands-on experience managing insider threats and designing programs to prevent, detect, and mitigate such actions. Moreover, a true ITPM should have experience across a range of disciplines to include physical security, information security, personnel security, security risk management, as well as an understanding of the legal aspects of managing insider threats.
How ITPM as-a-Service can help your business
ITPM as-a-service is new ITMG offering available to businesses looking to ensure that they have insider risk leadership, without the need to recruit and employ a permanent member of staff. ITPM as-a-service removes both the cost burden and the challenge of finding the right person by making available industry recognized experts who can be leveraged, as needed, to cover the insider security needs of the business. ITPM as-a-service is designed for organizations that need someone to take responsibility for the growth of their insider threat program, but don’t need a full-time ITPM.
The Cost of Hiring a Full-Time ITPM
Hiring an ITPM is expensive. Not including the cost of finding, recruiting, and processing, it will cost you an average of $222,000 per year to hire a full-time ITPM. (Source: US Dept. of Labor) Let’s see how this breaks down:
|Average base salary:||$170,00|
|Legally required benefits (social security and Medicare)||$13,600|
|Life, health, disability insurance||$14,450|
|Paid leave (vacation, holiday, sick, personal)||$11,900|
|Employer contribution to retirement||$7,650|
We provide everything you need at a fraction of this cost!
Flexible and Tailored Pricing Model + Expertise = ROI
ITPM as-a-service is based on a flexible-retainer model. This means you only pay for services that you actually use, so we eliminate the guesswork as well as the need to pay a full-time ITPM to “sit in his chair.” If you don’t use your hours for the month, they simply rollover to the next month. There are multiple factors that contribute to the retainer amount, but it is always a fraction of the cost of hiring an ITPM. Typically, ITMG clients realize 75-80% savings over hiring a full-time ITPM, and because they are getting a dedicated resource with access to bona fide insider threat experts, they get a lot more for their money!
What’s included in ITPM-as-a-Service?
With ITPM as-a-service, any service ITMG offers is immediately available to you. Typically, organizations engage ITMG to add insider risk expertise and guidance to their team, create Insider Threat Programs, advise on legal and privacy matters, select tools, and to conduct risk assessments . Once in our ITPM as-a-Service program, you have immediate, discounted access to all ITMG offerings including:
- Program Development
- Policy and Procedure Creation
- Employee Investigations
- Incident Response
- Tool Selection and Implementation
- Strategic Advising
- Legal and Privacy Consulting
- Training and Awareness
- Insider Risk Assessments