Consultancy

Protecting Your People and Your Assets

Why start an insider risk programme? There are several answers: 

  • It’s an insurance policy against your strategy, protecting innovations, intellectual property and trade secrets that generate future revenues.
  • It’s an employee well-being initiative, fulfilling an organisation’s duty of care responsibilities.
  • It’s a unifying and sharing catalyst, aligning diverse functions with purpose.

It’s also a complex undertaking. Our expertise is in helping organisations cut through this complexity by designing, implementing and improving insider risk programmes appropriate to their situation. We can assess the maturity of insider risk countermeasures, knit together existing investigative processes into a unified model, think strategically about roadmap priorities or suggest detailed metrics to demonstrate programme value – our focus is determined by your needs.

Organisations just starting their insider risk journey will need to progress through the three phases outlined below. Signpost Six offers tailored solutions for each phase, helping you adapt to changing threat environments and mature your programme to the next level.

 

Assess

Insider risk analysis & assessment 

To understand where you need to go, you must first understand where you are. Many companies already assess elements of insider risk individually but rarely evaluate how these countermeasures combine into a holistic approach. That is our speciality. We analyse threats, organisational context and current countermeasure maturity to identify countermeasure gaps that expose the organisation to unnecessary risk.  

Phase I

Design

Insider risk strategy and prioritised road map
The gap analysis conducted in Phase I informs the design of an insider risk programme. Working together with you to understand your culture and stakeholder sensitivities, we help shape the initial programme strategy and roadmap. The strategy is further shaped during the stakeholder validation process and recommended pilot.

Phase II

Implement

General programme implementation and learning

The hard work of implementation requires quick wins and sustained momentum. In this phase we can take on the role of interim programme manager, setting up the programme and handing it over to your insider risk team once it is functional and trained. Our insider risk starter kit contains all the documents a programme manager needs to stand up a programme quickly - governance charters, policies, tailored metrics, run books, among other helpful documents. We also have numerous training options to get that first (and last!) stakeholder on board. 

Phase III

Ongoing Support

Want to know more?

Dennis Bijker

2022: Insider Risk Year in Review

Posted inBlog
  By Elsine Van Os Unprecedented geopolitical changes and security threats have alerted many Western countries to espionage at…

Factsheet: Insider Risk Assessment

Posted inBrochures
In recent years many organisations have invested in strengthening their security defences. But as defences become stronger, external actors…

Factsheet: Insider Risk in the Financial Sector

Posted inBrochures
The financial services sector is the main engine of our economy. Organisations within this sector vary widely in size,…