“Legitimate access to controls rules the cyber threat landscape. Insider threat investigations are complex to solve and rely on combinations of technical forensic analysis, threat intelligence capabilities and traditional non-cyber investigative techniques,” said Jurgen Kutscher, Executive Vice President, Service Delivery, Mandiant Consulting. “No one understands this unique threat vector better than Mandiant. This is the reason we formalized a service model to help commercial and government organizations design, assess and establish a continuous, full-spectrum insider threat visibility and prevention program.”
Mandiant uses a “follow the data” security model to deliver actionable, organization-specific recommendations. This approach is designed to identify weaknesses and vulnerabilities across existing safeguards, improve program capabilities and reduce the overall risk of insider threats. Mandiant Insider Threat Security Services are controls agnostic and available as a point-in-time assessment or an ongoing, subscription-based program.
Insider Threat Program Assessment
The Insider Threat Program Assessment is a purpose-built, point-in-time service to assess organizations with a nascent or existing insider threat security program. Designed to follow the data rooted in three core domains – people, processes and tools – Mandiant leads dedicated workshops to identify gaps and vulnerabilities in the client’s specific environment. Available in three tiers to meet situational client needs, the Insider Threat Program Assessment delivers detailed, organization-specific recommendations and actionable roadmaps for tailored program outcomes.
Insider Threat Security as a Service
The Insider Threat Security as a Service is a holistic, subscription-based program that provides organizations with continuous, full-spectrum insider threat visibility, prevention, incident response, remediation and real-time threat intelligence. Powered by Mandiant Threat Intelligence, this service is imperative for organizations with a remote workforce and sensitive data that could be stolen or leaked. The Insider Threat Security as a Service provides delivery of regular executive briefings, insider threat activity case files and reporting, and threat intelligence specific to the client’s environment. Available in three tiers, this service has comprehensive coverage and expertise to accommodate program needs of all sizes, at scale.