Which departments/groups within your organization present the biggest risk for insider threats?

Security & GRC Governance, Risk & Compliance

Finance21%

Customer success38%

R&D15%

BoD/executive management teams10%

Sales6%

HR3%

General administration4%

214 PARTICIPANTS

2k views1 Comment

Sort by:

Director of Information Security in Energy and Utilities5 years ago

Interesting poll but the biggest risk is actually not listed on here. It would be your IT organization because they manage/own privilege accounts all over the place that can access data for whole organization. Compromise an admins account and you can have keys to the whole kingdom.

Content you might like

Is your organization's cybersecurity team currently understaffed?

Yes81%

No18%

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

‘AI’ Business Model – With many components flowing into the AI domain (cost, data, E&C, people, value, strategy, duplication of everything, etc.), I’ve started to think about splitting out ‘AI’ from the operating model and putting it into a separate legal entity. This way, I could manage a) risk and compliance, b) cost, c) resource allocation, d) governance, e) IP, f) revenue generation, etc.

Of course, this isn’t new in general, but I’m especially interested in how this approach could help with the ongoing challenge of ensuring compliance with data privacy and regulations related to LLMs and data access/usage over time.

My question: Is anyone else thinking about this, or has anyone already done it? I know there are examples in the literature, but I wanted to float this here for general comments and discussion.

What’s your top barrier to adopting AI-driven pentesting?

Lack of mature vendor solutions42%

Trust in AI accuracy62%

Budget constraints17%

Skills to operate the tools28%

View Results

Has anyone drafted an SOW for a cloud-based SIEM with setup, migration, and maintenance? I’m working on a FedRAMP-authorized SIEM SOW, migrating from on-prem Splunk, covering data, searches, alerts, dashboards, and models. Scope includes Environment Setup: Cloud provisioning, configuration, testing. Connectors/Parsers: Custom data source integration. Content Development: Rules, use cases, threat feeds. Performance Tuning: Query/index optimization. Runbooks: Operational procedures. Also required: 24x7 support, maintenance, lifecycle and application management, role-based training, and documentation. Must comply with NIST SP 800-53, CJIS, and FedRAMP Moderate+. Goal: Secure, scalable SIEM for rapid deployment. I may be missing elements, so suggestions are welcome. Please share redacted SOWs or tips if possible.

Which departments/groups within your organization present the biggest risk for insider threats?

Sort by:

Content you might like

Is your organization's cybersecurity team currently understaffed?

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

What’s your top barrier to adopting AI-driven pentesting?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

How are U.S. CISOs Addressing Liability Risk?

CrowdStrike Outage: Impact And Recovery

Impact & Perceptions of A Privacy-First Digital Era

Challenges & Tools For A Privacy-First Internet Age

IT and Infosec Collaboration on Vulnerability Patching

Take Your Insights On-the-Go