The Tech Edge: Why Insider Risk Management Should Be a Priority in 2025

Post Date: 01/16/2025

You know that feeling when you accidentally send a wrong email to your colleague? We’ve all been there! I recently had my own awkward moment when I sent a wink emoji in a professional email that definitely should not have had one. While these small slip-ups might just cause momentary embarrassment, they highlight a much bigger concern: insider risk management.

Insiders – employees, vendors, or partners – pose risks to organizations. Whether through accidental or malicious misuse of sensitive information, insider incidents can result in financial losses, regulatory fines, intellectual property theft, or damage to a business’s reputation. Forrester’s recent Security Survey finds that 22% of data breaches are caused by internal incidents.

I had the pleasure of interviewing Joanne Klein, CEO of NexNovus (the saying ‘don’t meet your hero’ is WRONG in this case!). Joanne really opened my eyes to just how crucial this topic has become. While my email faux pas might seem trivial, the real scope of insider risks is far more serious and potentially devastating for organizations.

The Digital Tsunami We’re Facing

Think about all the ways we share information in today’s workplace: emails with sensitive attachments, SharePoint and OneDrive document sharing, Teams chats containing personal information, and quick file transfers that might seem harmless in the moment. 

Joanne explains, “As that digital footprint grows, so do the data risks that go along with that.” Microsoft reported that SharePoint and OneDrive alone see an additional 2 million files uploaded every minute. Yes, you read that right — every minute! It’s like trying to keep track of every grain of sand on a beach as additional truckloads of sand are being dumped in the same place.

What Exactly is Insider Risk Management?

Gartner defines insider risk management as tools and capabilities that measure, detect, and contain undesirable behavior of trusted accounts in the organization. It includes solutions that monitor the behavior of employees, service partners, and key suppliers working inside the organization. These tools then evaluate whether behavior falls within the expectations of the role and corporate risk tolerance.

Joanne adds that it is about “balancing the need to monitor activities while balancing user privacy and organizational risk.” We’re looking to find, mitigate, and, hopefully, stop altogether security threats from people within an organization to maintain an ethical working environment.

But here’s what I found particularly interesting, because it’s often missed by organizations: successful insider risk management isn’t just about implementing sophisticated tools — it’s about building trust with your employees.

The Human Element: Trust Goes Both Ways

Employees can be a little uneasy with this type of monitoring solution, so the best practice is to be transparent about what the company is doing while ensuring proper privacy controls are in place. Modern tools use anonymization techniques so investigators or admins can assess risky activities without knowing who’s involved, also removing personal bias from the equation. 

But it’s really a two-way street: companies should also expect their employees to meet the requirements for securing their data and information. One of the most common scenarios is a departing employee. There’s often confusion about who owns the content created during employment, and some folks might feel entitled to take their work with them by downloading confidential information, saving it on personal devices, or emailing out documents — it doesn’t quite work that way!

How Serious Can It Get?

In May 2023, Tesla’s massive data breach served as a wake-up call: two former employees leaked nearly 100 gigabytes of confidential documents. We’re talking about personal information of more than 75,000 people, customer files from 2015 to 2022, and production secrets. What are the consequences of this kind of insider wrongdoing? They range from lawsuits to penalties that severely damage confidence in the brand and its bottom line.

An organization’s data is really one of its most valuable assets, so protecting it and preventing its loss is a top priority. However, the challenge is the limited resources that companies have nowadays. Admins will not be able to detect, monitor, and take appropriate actions given the massive growth in the digital footprint. It’s like asking them to do more with less.

Chief information security officers (CISOs) and cybersecurity leaders emphasize the importance of an integrated approach combining preventive controls, human risk management, detection and investigation, and incident response. Policies, guidelines, and investigative work that are outside the bounds of a typical cybersecurity scope are components of insider risk management. Effectively mitigating insider risks requires collaboration among many cross-functional stakeholders — treating it more as a human problem rather than a technical issue. 

3 Recommendations for Intelligent Risk Management Solutions

  1. Implement automated monitoring with privacy controls. Why? Because manual checking of audit logs is like trying to count raindrops in a storm. Automated tools can continuously assess data-related activities and adapt to changing conditions. For instance, when an employee submits their resignation, the system can automatically elevate their risk level and adjust monitoring accordingly. This saves your admins time while ensuring nothing slips through the cracks.
  2. Establish a comprehensive employee training program. The reasoning is simple: your employees are both your first and last line of defense. Start with thorough onboarding processes and implement regular attestations. Make data handling guidelines clear and part of your corporate culture. Joanne also pointed out, “Most employees definitely want to do the right thing,” so give them the tools and knowledge to do so. This isn’t just about rules — it’s about creating a culture of security awareness.
  3. Create clear data classification systems. Here’s why this matters: not all data is created equal. You need to be able to distinguish between confidential information and general documentation. Implement a clear system for classifying documents and setting appropriate monitoring levels for each category. This helps prevent both accidental sharing of sensitive information and deliberate data exfiltration. Remember Joanne’s point: “It’s really important to be able to discern what’s confidential versus what’s just benign.”
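
An added sketch (not from the article or any vendor product) of recommendations 1 and 3 working together: audit events are scored by data classification, a submitted resignation multiplies the user's score, and reviewers see only keyed pseudonyms. The weights, threshold, key, and event fields are all assumptions chosen for illustration.

```python
import hashlib
import hmac
from collections import defaultdict

# All values below are assumptions for illustration, not taken from any product.
PSEUDONYM_KEY = b"constructed-demo-key"  # held by a privacy officer, not by reviewers
LABEL_WEIGHT = {"general": 0, "internal": 1, "confidential": 5}
ACTION_WEIGHT = {"view": 1, "download": 3, "external_share": 5}
RESIGNED_MULTIPLIER = 3   # elevated risk level after a resignation is submitted
ALERT_THRESHOLD = 40

def pseudonym(user: str) -> str:
    """Keyed hash: reviewers get a stable alias; only the key holder can re-identify."""
    digest = hmac.new(PSEUDONYM_KEY, user.encode(), hashlib.sha256).hexdigest()
    return "user-" + digest[:8]

def score_events(events, resigned):
    """Return {alias: score}. Benign labels score 0; resigned users are weighted up."""
    scores = defaultdict(int)
    for ev in events:
        points = LABEL_WEIGHT[ev["label"]] * ACTION_WEIGHT[ev["action"]]
        if ev["user"] in resigned:
            points *= RESIGNED_MULTIPLIER
        scores[pseudonym(ev["user"])] += points
    return dict(scores)

def alerts(scores):
    """Aliases whose score meets the review threshold."""
    return sorted(alias for alias, s in scores.items() if s >= ALERT_THRESHOLD)

# Constructed sample audit events (not real log data).
SAMPLE_EVENTS = [
    {"user": "alice@example.com", "action": "download", "label": "confidential"},
    {"user": "alice@example.com", "action": "download", "label": "confidential"},
    {"user": "bob@example.com", "action": "download", "label": "confidential"},
    {"user": "bob@example.com", "action": "download", "label": "confidential"},
    {"user": "carol@example.com", "action": "external_share", "label": "general"},
]
RESIGNED = {"bob@example.com"}  # constructed HR signal

if __name__ == "__main__":
    result = score_events(SAMPLE_EVENTS, RESIGNED)
    for alias, score in sorted(result.items()):
        print(alias, score)
    print("review:", alerts(result))
```

Alice and Bob perform identical downloads, but only Bob's alias crosses the threshold because of the resignation signal, while Carol's external share of general documentation scores zero.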

Key Takeaways 

Insider risk management isn’t just an IT issue, it’s a business survival issue. While we can laugh about accidental emoji slip-ups, the real risks lurking in our digital interactions are no laughing matter. By implementing these recommendations, you’re not just protecting your organization’s data; you’re building a foundation of trust and security that benefits everyone.

Check out this episode and more here: The Tech Edge — Ticker.

Alyssa Blackburn is the Director of Records & Information Strategy at AvePoint, where she helps organisations achieve business value from their information. In her role, Alyssa provides records and information consulting services as well as system implementations, allowing customers to optimise the structure of their information to maximize business benefits while meeting data governance and compliance objectives. With 20 years of experience in the information management industry, Alyssa has worked with both public and private sector organisations to deliver guidance for information management success in the digital age. She is responsible for the development of AvePoint’s information management solution, and has been involved with implementing our records management solution with government agencies and commercial clients. Alyssa is actively involved in the information management industry and has spoken at a number of events including at Inforum 2016 in Perth. She has been published in the RIMPA IQ magazine and recently won the 2016 award article of the year for the RIMPA IQ magazine for her article titled, "Why you need to think differently about information management."
