Not a Gartner Client?
Want more research like this?
Learn the benefits of becoming a Gartner client.
Risk and information security practitioners struggle to understand and address insider threats. Gartner did an in-depth survey with 186 participants to understand insider threats through current incidents. Here, we summarize the research and identify steps for addressing different kinds of threats.
Table of Contents
Insider Threats Are Not Mythical
Categorizing the Motives and Attacks
Organizations' Approaches to Insider Threats
Insider Threat Program Foundations
- Awareness and Responsibility Must Begin With Leadership
- Picking Battles and Protecting Crown Jewels
Addressing Insider Threats With Controls That Work
- Technical Controls — They Work But Are Not Enough
- Behavioral Controls: Administrative, Legal and Policy Communications
- Popular Controls for Insider Incident Detection
How This Research Was Conducted
- Insider Threats Are Not Mythical
Gartner Recommended Reading