Insider risk is making headlines and negatively impacting organizations across the globe. Whether caused unwittingly or conducted with malicious intent, damage from insider risk can result in lost revenue, compromise competitive advantage, incur reputational damage, and erode customer trust. 

Today, insider risk is not limited to an organization’s employees. Trusted third parties, such as contractors, vendors, suppliers, joint ventures and partners who have authorized access to your physical sites, data and systems create insider risk vulnerabilities.  And increasingly foreign states and competitors are intentionally targeting employees and infiltrating organizations to steal intellectual property or other critical assets.  Even as organizations fortify their cybersecurity posture, criminal groups and other bad actors are focusing on employees as an easier way to obtain critical assets or cause damage. Regardless of industry sector or type of organization, insider vulnerabilities and risks are multiplying. 

Hear our insights

Insider Risk: A successful programme starts with culture

Insider risk podcast series: A successful programme starts with culture

Catherine Marinis-Yaqub is joined by Doug Thomas of JP Morgan Chase to discuss why culture is a key consideration when establishing and operating an insider risk management programme.

Developing an insider risk programme: Managing CI risks, privacy, and collaboration with law enforcement

Insider risk podcast series: Don’t wait for a crisis to understand your legal obligations

In this episode Catherine Marinis-Yaqub is joined by Pete Marta, a partner in Hogan Lovells’ cybersecurity practice discuss steps organisations need to take before a crisis strikes.

 

Control Risks helps clients manage and mitigate their insider risks and navigate challenging insider threat issues.  Our multidisciplinary team uses a 360-degree approach to address insider risk across the employee lifecycle from hiring to separation, considering internal and external factors that can leave organizations and their critical assets vulnerable to insider risks. From building customized insider risk management programs, to current state assessments, to investigations support, Control Risks’ multi-disciplinary services provide clients with a single, global team to manage insider risks from prevention, detection, and response. We offer:

 

Insider risk management programme support

  • Programme design, development and enhancements 
  • Governance implementation 
  • Critical asset mapping and protection
  • Specialized IP protection programme
  • Training and exercising 
  • Workplace violence prevention and response
  • Insider risk change management programme
  • Vetting for high-risk positions
  • Ongoing maintenance 

    •  

    Insider threat investigations

  • Digital forensics and eDiscovery
  • Forensic accounting
  • Asset tracing and recovery
  • Cybersecurity due diligence 
  • Social media reviews
  • Business intelligence 
  • Digital forensics
  • Data analytics 
    •  

    Programmatic and specialized assessments

  • Current state and maturity assessments
  • Insider critical asset exposure assessments 
  • Counterintelligence and IP protection assessments
  • Behavioral and cultural assessments 
  • Merger and acquisition risk mitigation support
    •  

    Our experts

    Catherine Marinis-Yaqub

    Catherine Marinis-Yaqub

    View bio