TIMES ARE TOUGH FOR TODAY’S insurers—layoffs, salary cuts, low morale, tired employees—the list just goes on and on. No matter how well companies think
they know their employees, insider threats, intentional
or not, are more probable than ever. This leads to complex risk management.
The second Market Pulse Survey, conducted by
SailPoint Technologies, focused on how companies are
approaching identity governance during the economic downturn, with a particular focus on “insider
threats.” While 86% of the total respondents (
representing a number of industries, including banking,
insurance and health care) are concerned about insider threats, they cannot adequately manage the risk of
data breaches because the majority of them can’t summarize which workers have access to the most critical
applications and data. Of the health care and insurance
companies that responded, 99% are concerned about
“In today’s digital economy, stealing no longer
requires putting your hand in the till,” says Jackie
Gilbert, SailPoint’s VP of marketing and co-founder.
“Employees can now steal electronic data they can
access in the workplace, and there are dozens of
outlets for selling this data on the Internet black
market for profit. Insurance companies have key
pieces of personal customer information—
including birth dates and social security numbers—that
identity data thieves seek. Insurance providers are
As the survey shows, the risk factors are at an all-time high; companies are struggling to adequately
secure sensitive data, making it easier for workers to
commit undetected crimes, Gilbert says.
“Meanwhile, the pressures of the recession—major
layoffs, low employee morale, financial hardship—
are increasing motivation or temptation to commit
If your company’s CIO asked you to present a
complete record of user access privileges for
each employee that same day, could you?
are you about
Do you have a risk management function
within your IT organization? And if so,
does it have a budget allocated to it?
“We have the right
controls in place.”
“It’s just a matter
Risk Management Function?
If faced with a massive layoff at your organi-
zation, could you immediately remove all
access privileges for terminated employees?
“We have some
controls in place.”
“We lack critical