How have you dealt with employee privacy concerns when implementing your insider risk management program?

Security & GRCRisk ManagementThreat & Vulnerability Management+1 more
1.8k views4 Comments
Director of IT in Manufacturing, 5,001 - 10,000 employees
we use NDA & data loss prevention
Chief Technology Officer in Media, 2 - 10 employees
Insider risk management programs are designed to identify and mitigate potential risks posed by employees or other insiders to an organization's sensitive data, systems, or operations. While implementing these programs, it is essential to balance the need for security with respecting the privacy and rights of employees
CTO in Software, 11 - 50 employees
When executing our insider risk management program, we have employed the following strategies to address employee privacy concerns: We make sure the program complies with all applicable privacy laws and regulations, including the GDPR or CCPA, and before collecting any data from our employees, we get their consent about the precise data we want to collect and how it will be used. This will help them ensure that their privacy will be protected. To further assure the safety and security of the data we gather, we additionally use secure data handling and encryption.
Vice President Information Technology in Finance (non-banking), 201 - 500 employees
We have insider risk management policy which also covers the privacy concerns of the employees. They are aware of what data is being collected, how it will be securely stored and used for the stated purpose

Content you might like

If you had a magic wand - what's the #1 daily business challenge you'd eliminate?

People & LeadershipStrategy & ArchitectureCloud+57 more
CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
142 19 Replies
Read More Comments
41.7k views131 Upvotes319 Comments

Does your organization have DKIM?

End-User Services & CollaborationSecurity & GRCProductivity Tools

Yes68%

No24%

Planning to8%


206 PARTICIPANTS
980 views2 Upvotes

Does the risk of Ransomware and malware propagation bother you? Is IoT security a top of mind for you? To protect against many risks, we have witnessed success of micro-segmentation in the data center. Would you be willing to deploy similar solution for the campus? I am very curious to get your feedback?

Security & GRCThreat & Vulnerability Management
Read More Comments
3k views5 Upvotes5 Comments

Has your company pursued any cybersecurity accreditations or certifications strictly for cyber insurance policies? (select all that apply)

People & LeadershipStrategy & ArchitectureProcess Management+3 more

Yes, we have pursued new accreditations or certifications strictly to help reduce our cyber insurance premiums29%

Yes, we have pursued new accreditations or certifications strictly to obtain cyber insurance39%

No, we have not pursued new accreditations or certifications strictly for reasons related to cyber insurance39%

We do not have cyber insurance12%

Not sure2%


272 PARTICIPANTS
771 views2 Upvotes2 Comments

Any recommendations on OT security product? I tried pushing Crowdstrike but it wasn't approved by OEMs. Other two are Claroty and Nozomi. Any feedback either on above two or any other as per your experience?

Security & GRCStrategy & Architecture
Read More Comments
1.9k views1 Upvote2 Comments