Alert management and insider risk continuous monitoring systems

With organisations worldwide reporting year-on-year increases in Insider Threat incidents, and as technology improves and the legislative environment becomes more stringent for sectors such as Critical Infrastructure, businesses are increasingly implementing continuous monitoring systems to detect potential trusted insider incidents. These continuous monitoring systems are advanced analytics solutions which consume a variety of datasets, to which analytical models are then applied. The output of this process is the generation of what are colloquially termed ‘alerts’. This article explores the concept of an alert, unpacks the three levels of alert in continuous monitoring systems for insider risk detection, and sets out important considerations for executives in the design and implementation of Level 2 and Level 3 alert management programs.