What tools do you use for insider threat detection?

3.4k views16 Comments

Sort by:

Founder & CISO in Education3 years ago

A mix of Endpoint Detection, logging and monitoring from the IAM and PAM, SIEM, and DLP.

VP of Information Security in Finance (non-banking)3 years ago

There are number of tools that we use to detect insider threats, including but not limited to Splunk, SIEM, and DLP tools.

Director in Construction3 years ago

We focus on the tools with our Microsoft license

Director, Security Operations in Telecommunication3 years ago

We're using several different tools that provide for monitoring of these type activities, these include services available from Microsoft as a part of their Azure/O365 offering, as well as Privileged Access Management tools and 24x7 real-time log monitoring.

CIO/CISO in Healthcare and Biotech3 years ago

We use SIEM as our system of record for collecting/correlating insider threat information, along with data exfiltration protection (DLP/CASB).

Content you might like

Does your org distribute any seasonal cyber awareness materials that address black friday/cyber monday phishing scams?

Yes79%

No16%

No, but we might do this next year5%

View Results

I’m in the process of developing and formalizing the Risk Appetite Statement (RAS) for my organization, a public transport operator. Before we bring the draft to the Board, I’d appreciate your views on the best approach for engaging the Senior Leadership Team (SLT): Is 1:1 engagement more effective to gather candid input? Or would a group workshop be better to align perspectives and drive collective ownership? If anyone has experience developing a RAS specifically for a public transport or infrastructure-focused entity, I’d love to hear your lessons learned or key considerations. Appreciate any tips or tools!

A common challenge in our risk-tiering framework for suppliers is that even the lowest risk tier still requires processing.
Has anyone implemented a "not relevant" risk tier in their model?
This tier would apply to vendors posing genuinely negligible security risk.

Is your organization using encryption extensively?

Yes85%

No15%

What tools do you use for insider threat detection?

Sort by:

Content you might like

Does your org distribute any seasonal cyber awareness materials that address black friday/cyber monday phishing scams?

A common challenge in our risk-tiering framework for suppliers is that even the lowest risk tier still requires processing.
Has anyone implemented a "not relevant" risk tier in their model?
This tier would apply to vendors posing genuinely negligible security risk.

Is your organization using encryption extensively?

How are you diversifying threat intelligence sources? Have you been able to reduce reliance on CISA for TI?

What sets us apart?

Take Your Insights On-the-Go

What tools do you use for insider threat detection?

Sort by:

Content you might like

Does your org distribute any seasonal cyber awareness materials that address black friday/cyber monday phishing scams?

A common challenge in our risk-tiering framework for suppliers is that even the lowest risk tier still requires processing.Has anyone implemented a "not relevant" risk tier in their model?This tier would apply to vendors posing genuinely negligible security risk.

Is your organization using encryption extensively?

How are you diversifying threat intelligence sources? Have you been able to reduce reliance on CISA for TI?

What sets us apart?

Take Your Insights On-the-Go

A common challenge in our risk-tiering framework for suppliers is that even the lowest risk tier still requires processing.
Has anyone implemented a "not relevant" risk tier in their model?
This tier would apply to vendors posing genuinely negligible security risk.