Sign up to save your podcasts
Or
Share The missing home for an Insider Threat Program: Why organisations need a dedicated function
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
The missing home for an Insider Threat Program: Why organisations need a dedicated function
"The problem with collective responsibility is that it often leads to collective irresponsibility," said Michael Novak.
Nowhere is this more evident than in the way many organisations manage insider threats - fragmented across departments, lacking clear ownership, and often deprioritised.
In this episode, Marina Shteinberg and Timothy Slattery from Pentagram Advisory explore why insider threat programs frequently struggle without a dedicated home. They discuss the risks of disjointed responsibilities, the pitfalls of over-reliance on technology without human oversight, and the regulatory pressures facing critical infrastructure organisations under the Security of Critical Infrastructure Act 2018.
💡 So, what’s the solution?
Marina and Timothy make the case for a centralised insider threat management function—one that integrates security, HR, IT, and leadership to create a proactive, risk-based approach that balances technology with human behaviour analysis.
Tune in for practical insights on how organisations can build resilient insider threat programs that go beyond compliance and drive real security outcomes.
View all episodes
By Pentagram Advisory"The problem with collective responsibility is that it often leads to collective irresponsibility," said Michael Novak.
Nowhere is this more evident than in the way many organisations manage insider threats - fragmented across departments, lacking clear ownership, and often deprioritised.
In this episode, Marina Shteinberg and Timothy Slattery from Pentagram Advisory explore why insider threat programs frequently struggle without a dedicated home. They discuss the risks of disjointed responsibilities, the pitfalls of over-reliance on technology without human oversight, and the regulatory pressures facing critical infrastructure organisations under the Security of Critical Infrastructure Act 2018.
💡 So, what’s the solution?
Marina and Timothy make the case for a centralised insider threat management function—one that integrates security, HR, IT, and leadership to create a proactive, risk-based approach that balances technology with human behaviour analysis.
Tune in for practical insights on how organisations can build resilient insider threat programs that go beyond compliance and drive real security outcomes.