Insights & Perspectives

Our thinking on insider risk

Case analysis, regulatory commentary and practitioner perspectives.

4 articles

The Belfry of Ghent — a symbol of structured oversight and governance

A Pragmatic Approach to Insider Risk Management

Most organizations cannot tell you whether their insider risk program works. We built a structured methodology covering nine capability domains and nine quality axes to find out.

Read article →

The Belfry of Bruges — a symbol of trust and oversight in European governance

Belfort Advisory17 March 2026·5 min

When Your Incident Response Partner Becomes Your Biggest Insider Threat

Three ransomware negotiators indicted for secretly working with ALPHV/BlackCat while negotiating on behalf of victims. Why IR providers are an insider risk blind spot.

Wall of surveillance cameras pointing in different directions — monitoring is only one piece of insider risk management

Belfort Advisory10 March 2026·5 min

What Is Insider Risk?

Insider risk is the potential for harm caused by people with legitimate access. It covers malicious insiders, negligent employees, and compromised accounts — and most programs only address one of the three.

Server room with glowing cables and network infrastructure — the same systems that protect against external threats also govern insider risk

Belfort Advisory3 March 2026·5 min

Insider Risk Is Not a Separate Discipline

The industry treats insider risk as its own domain with dedicated teams and tools. We think that model is wrong. Infrastructure, identities, and information are the same surfaces whether the risk is external or internal.

Coming soon

Events & speaking engagements

Conferences, workshops and speaking engagements where the Belfort team shares perspectives on insider risk, digital forensics and regulatory compliance.