For the past few years, Cyber Security programs have been the primary focus on defending against external threats. RISC develops policies and standards in support of creating an Insider Threat program and create practical use cases for monitoring of internal threats from a second line of defense perspective.

Insider threat is critical to our clients’ success as regulators continue to sharpen their focus on this area. RISC will lead the efforts to create and manage our clients overarching Insider Threat strategies and policies. RISC will work with our clients’ leadership, businesses, subsidiaries, teams, and partners to determine an Insider Threat strategy to effectively safeguard their information assets; particularly our clients' information, and to maintain a culture of security through its Insider Threat program.

To manage threats, professionals must understand risk management and its elements: threat, vulnerability, consequence, and value.  

• THREAT - Adversary's and/or competitors may attempt to acquire protected information and technology without authorization

• VULNERABILITY - Gaps and/or weaknesses in the security barrier that adversary and/or competitors can exploit

• CONSEQUENCE - Damages to Private Industry, the US government and the company resulting from the adversaries theft

• VALUE - Advantages provided to the adversary and/or competitor after acquiring the protected information and technology

Professionals must understand the unique risk inherent to operating in a globally connected and competitive environment. A clear risk assessment will provide the tools to manage competitive pressures and employing counterintelligence, intelligence, security strategies, methodologies and techniques will most effectively counteract the threats.