Insider threat events impact organizational reputation, customer trust and investor confidence. In 2019 and 2020, Mandiant responded to numerous customers who experienced corporate and economic espionage, data and backup destruction, and intentional data theft and leakage. The rise in incidents is an increasing challenge for organizations of all sizes and missions as insiders are, by definition, those organizations trust most.

“Legitimate access to controls rules the cyber threat landscape. Insider threat investigations are complex to solve and rely on combinations of technical forensic analysis, threat intelligence capabilities and traditional non-cyber investigative techniques,” said Jurgen Kutscher, Executive Vice President, Service Delivery, Mandiant Consulting. “No one understands this unique threat vector better than Mandiant. This is the reason we formalized a service model to help commercial and government organizations design, assess and establish a continuous, full-spectrum insider threat visibility and prevention program.”

Mandiant uses a “follow the data” security model to deliver actionable, organization-specific recommendations. This approach is designed to identify weaknesses and vulnerabilities across existing safeguards, improve program capabilities and reduce the overall risk of insider threats. Mandiant Insider Threat Security Services are controls agnostic and available as a point-in-time assessment or an ongoing, subscription-based program.

Insider Threat Program Assessment

The Insider Threat Program Assessment is a purpose-built, point-in-time service to assess organizations with a nascent or existing insider threat security program. Designed to follow the data rooted in three core domains – people, processes and tools – Mandiant leads dedicated workshops to identify gaps and vulnerabilities in the client’s specific environment. Available in three tiers to meet situational client needs, the Insider Threat Program Assessment delivers detailed, organization-specific recommendations and actionable roadmaps for tailored program outcomes.   

Insider Threat Security as a Service

The Insider Threat Security as a Service is a holistic, subscription-based program that provides organizations with continuous, full-spectrum insider threat visibility, prevention, incident response, remediation and real-time threat intelligence. Powered by Mandiant Threat Intelligence, this service is imperative for organizations with a remote workforce and sensitive data that could be stolen or leaked. The Insider Threat Security as a Service provides delivery of regular executive briefings, insider threat activity case files and reporting, and threat intelligence specific to the client’s environment. Available in three tiers, this service has comprehensive coverage and expertise to accommodate program needs of all sizes, at scale.