What is the best Insider Risk Management solution?

Security Strategy & Roadmap
5.1k viewscircle icon7 Upvotescircle icon22 Comments
Sort by:
CTO in Software4 years ago

You first need a foundational strategy around IAM (AuthN/AuthX) and then ask this question. If you are looking for an umbrella you are asking the wrong question

Global CTO in Construction4 years ago

Our dedication and time was mainly in the definition of responsibilities within the company (several business units, departments, countries, etc.) and then the functional definition: what do you want, policies, risks, flows, etc. and finally have an empowered owner of the project.

This is the only important thing. If you have doubts about the tool, do a proof of concept with a couple of them. I'm sure you're doing well, that's what happened to us.

VP of IT in Real Estate4 years ago

Should define the problem and the issue before hunting for a solution. Suggest to start defining what insider risk exist in your domain then craft the proposed solution from there

IT Strategist in Government4 years ago

I was more involved in the selection and assessment of the overall Enterprise Risk Management solution. We have selected Resolver, as it met our needs and some end users in the Security community were already familiar with that tool.

CTO in Transportation4 years ago

Before looking for a solution I would try to quantify and analyze the risk. What are you risk vectors? Can you implement simple internal solutions based on education and internal information? Once you have a clear understanding of your risks, you can put together a plan and at that point on you may be able to better evaluate possible solutions.

Content you might like

When did you last update your cyber security incident response plan?

Currently updating IR plan4%

Within the last month24%

1-3 months ago55%

4-7 months ago8%

8-12 months ago3%

Over 1 year ago3%

View Results

We’re currently evaluating Cyble as an AI-native CTI / digital risk protection platform and I’d love to hear from anyone with real-world experience. Our use cases span: – Dark web / cybercrime monitoring – External attack surface management (EASM) – Executive monitoring (VIP / board) – Brand protection (lookalike domains, social impersonation, phishing sites) – Takedown services for fake domains, sites and social accounts For those who’ve used Cyble in production: – How would you rate coverage quality (dark web, brand, ASM) vs other DRP/CTI vendors? – Any feedback on noise levels / false positives and how well their team helps tune alerts? – Real-world experience with takedown speed and success rates (domains, social, app stores)? – How is their onboarding, support, and CSM engagement over time (not just during POC)? Any candid feedback (good, bad, or mixed) would be really helpful as we shape our 2026 external threat intelligence / DRP roadmap.

What sorts of tools are you currently using to inventory cryptography usage throughout the enterprise? (Choose all applicable)

Key management system or certificate life cycle management 15%

Network security appliance 46%

Custom/proprietary solution 31%

App security posture management (ASPM) tool 46%

Cryptographic posture management tool 23%

Something else

N/A

View Results

What key learnings has your organization gained from the cloud outages that we’ve seen this year with Azure, AWS or Cloudflare? Have any of these outage events led you to implement additional resilience measures, or make other changes?

Can you share any effective processes/strategies you’ve used to integrate cyber risk management and enterprise risk management at your org?

Read More Comments