ESG Insider Threat Program Realities – Report

Insider Threat Program Realities Report

Build a more effective insider threat strategy and understand the approaches of other industry leaders with these insights from ESG.


Despite heightened awareness and increased mindshare dedicated to insider threats, most organizations report that insider threat detection is only growing more difficult. Challenges such as limited budget and resources; expanding attack surfaces and potential points of compromise; and a growing reliance on the user as a line of security defense have left IT and security professionals grappling with the inevitability that their company’s sensitive data and systems will be compromised. It’s no longer a matter of ‘if,’ but ‘when.’

In partnership with Dtex, the Enterprise Strategy Group (ESG) surveyed 300 cybersecurity and research professionals to better understand the root of these challenges… and how to overcome them. The insights revealed include:

Finding Highlights Include:

  • Sixty percent of the organizations surveyed have a narrow view of insider threats, which in turn results in narrowed / limited visibility
  • Two in three respondents struggle to turn increasing amounts of security activity and event data being collected into actionable insights
  • More than half of organizations report significant weaknesses with legacy insider threat technologies such as data loss prevention, behavior analytics and employing monitoring solutions

The report, ‘Insider Threat Program Realities,’ also includes guidance from ESG on how to identify the intelligent, data-driven solutions needed to build an effective insider threat detection and management strategy.

ESG and Dtex will also host a webinar on Tuesday, August 27th at 1:30pm ET to share an in-depth look at the survey findings and provide guidance on how to effectively manage all types of insider threats. Click here to register.

Download the Report:

More Findings Include...

60 %


60% of organizations have a myopic view of insider threats.

62 %


62% of organizations believe insider threat detection has become more difficult in the last 2 years.

61 %


61% of respondents find that traditional UEBA produces a large number of false-positive alerts.