Insider Summit (IS9) 2025: New Name, New Takeaways

Last week, I attended the rebranded 9th annual Insider Summit in Monterey, CA. It was an invaluable opportunity to connect with our community of friends, colleagues, insider risk program experts, and those just starting their journey to tackling this space. There was a growing number of private sector organizations in attendance, looking to learn from insider risk management leaders and better understand how our tight knit community can support their top use cases.

I flew directly to Monterey this time and lucked into an interesting conversation on my flight about the value of specific HR indicators and how solid alignment between HR, IT, and security teams can literally prevent an incident.

This year, the IS9 agenda spanned three days, with the last day dedicated to vendor product sessions. Topics throughout the event ranged from workplace safety, employee wellness and suicide risk indicators to case studies from experts in the field. It’s great to be part of the evolving conversation on the key aspects of building an insider risk program with those who have learned important lessons over years of experience. That enables new programs to skip the common mistakes that plague any new security initiative. And we know that insider threats are important to the board, and they can affect stock price.

IS9 Takeaways

After last year’s event, I talked about common themes across sessions. This time, I pulled out a few notable comments that seemed key to remember.

Risk Can be Anyone

Perhaps an obvious one but speakers talked about all the places risk originates and if you’re not taking seriously the risks that contractors, subcontractors, and consultants bring, you are opening yourself up to significant issues. The supply chain is a common entry point for security threats, and it can be challenging to adequately secure because visibility is often low. But it’s not just that. With the changing landscape of gray zone conflict and foreign interference, and the increases in intellectual property theft and financial fraud, it’s clear that risk can originate with anyone in an organization, so it is critical to understand early warning indicators. 

One speaker shared that employee wellness cuts back on the attack surface. People who feel connected, supported, and valued at work are much less risky. Strong leadership recognizes this.

Don’t Just Focus on the Data

We hear all the time in threat detection and response about the overwhelming amount of data and number of alerts that analysts must weed through to find that needle in a haystack but in insider risk, we know stopping the next attack goes beyond Windows logs. It is about understanding the human element associated with insider threats and digging into the psycho-social sensors that identify the subtle activity and early warning indicators that something risky is happening.

A true behavioral sciences approach to insider risk management tackles this gray area that enables the identification of a foreign asset—much faster than other security tools.

Deputize Within the Organization

I loved hearing this comment about empowering others within the organization. It aligns perfectly with everything we have been saying for years here at DTEX about the correlation between multi-team collaboration and program effectiveness. It is impossible to move from firefighting to fireproofing working alone. With an ‘eagle’s nest’ approach and everyone working together, there is a much higher chance of success.

Rise of the ‘Curious’ Insider

At DTEX we usually talk about malicious, careless, and compromised insiders. A great comment came from Dawn Haley from Duke Energy about what she calls the “curious insider”. She described the value of having new people join her team—new to the team but also sometimes new to this space. These employees, interns, and innovators come in with fresh eyes, new perspectives, and different expectations about insider risk. Embrace how these folks think about and misuse the tool sets. You can learn a lot.

IS9 Wrap Up

The obvious truth is that no security stack is perfect, and we are all under great pressure to prevent the next data breach. Risk is highly dependent on employees, including your extended and growing ecosystem. Prevention will come from a solid combination of good technology, supportive leadership, collaboration, and a hardening workforce.

It was really great to reconnect with many familiar faces and to meet new folks who are just getting started with insider risk and looking for mentors from the trenches. It’s the best way to get going and to avoid the missteps of inexperience. I am looking forward to following the journey of our new community members and seeing what new insights they bring.

DTEX InTERCEPT^TM is a purpose-built insider risk management platform that consolidates the essential capabilities of user and entity behavior analytics (UEBA), user activity monitoring (UAM) and data loss prevention (DLP) in a single, light-weight platform to provide early detection and mitigation of insider risks. InTERCEPT captures behavior trends with situational context from across an estate to form a holistic understanding of insider risk. It is deployed in many of the world’s most complex and highly regulated environments including government, critical infrastructure, energy, pharmaceuticals, banking, and finance.

Request a demo to learn more about how InTERCEPT enables proactive insider risk management