Insider threats - whether malicious actors or negligent employees - represent one of the most challenging vulnerabilities organizations face. With insider-driven data incidents increasing 28% in the past year, employees with privileged access create dual risks: exploitation targets for external actors and direct sources of fraud and data compromise. The damage extends beyond financial losses to reputational harm and regulatory consequences.

Traditional perimeter defenses fail against authorized users operating within trusted environments. Effective prevention requires structured programs that balance security controls with organizational culture, combining risk-based frameworks with early detection capabilities tailored to specific threat landscapes.

This session, led by David Pollino, founder of YourSecPro, will cover:

• Frameworks and best practices for developing risk-based insider threat programs with continuous measurement;
• Building awareness cultures that enable early detection and reporting;
• Customizing programs to organizational risk appetite, culture and regulatory requirements.