The Identity Blog

Background image

Seczetta Included In New Gartner Market Guide For Insider Risk Management Solutions

FALL RIVER, Mass. – January 29, 2021SecZetta, the leading provider of third-party identity risk solutions, today announced it was included in the Gartner December 2020 Market Guide for Insider Risk Management Solutions.

According to Gartner, “Security and risk management leaders have observed an increase in demand for assessing and managing insider risk, including surveillance of high-risk workers and anomaly monitoring of critical applications and data.” The Market Guide was created to help organizations understand and implement insider risk mitigation, and references SecZetta as a company offering products that deliver insider threat detection capabilities.

“Data shows more than 60% of reported insider threat incidents were the result of a careless employee or contractor, and the Verizon Insider Threat Report names third parties as one of the top 5 insider threat actors,” said David Pignolet, CEO of SecZetta. “These breaches are costly — organizations impacted by insider threats spent an average of $11.45 million in 2020, up 31% from $8.76 million in 2018. The need for Insider Risk Management Solutions is growing and SecZetta is proud to be a key player offering these products to organizations worldwide.”

Gartner reports the transition to remote working due to COVID-19 has focused many management teams on how to effectively monitor workers and ensure working practices that lie within organizational risk tolerance. It also noted vendor-led initiatives that conflate insider threat situations with performance management risk, alienating a workforce already under pressure from the effects of the pandemic.

Gartner recommends security and risk management leaders with a responsibility for technology, information and resilience risk should:

  • Separate insider threat detection and policy enforcement from performance and activity tracking functions by implementing clearly defined workflows and triggers. While tooling may be similar, the functional drivers, outcomes and stakeholders are very different.
  • Reduce the risk of insider threats by implementing comprehensive security awareness training and monitoring for indicators of non permitted
  • Increase visibility and data protection by implementing insider threat monitoring against third-party vendor and partner accounts.