The World’s Heaviest Anchor: Is Your Internal Threat Protection Weighing You Down?

4 min Read


It had taken 92 horses, 47 coaches and 84 gallons of sweat to haul the anchor to the harbor. And no wonder — it was almost as tall as the ship’s mast, and its golden edges glistened as the concrete underneath sagged.

The captain said: “I can’t wait to integrate this solution into our operations. We’ll never drift again!” Granted, that was an unusual choice of phrase — but the captain had recently been made redundant from his cyber-security role at a large corporation. Some said he was struggling to let go.

The real reasons for his departure were fuzzy, but word below deck was that it had to do with unmitigated insider risk, a poor user experience, and thousands of dollars lost. The crew felt for their captain. After all, everyone knows the average organization experiences 13 data exposure events per user per day1. And data breaches from insiders can cost as much as 20% of annual revenue.1

Needless to say, the captain was determined to get this job right, so he wasn’t taking any chances with the anchor. He asked his crew to tie it to the side of the boat and push it off the edge. And even though a storm came that night, the boat wouldn’t budge. The captain punched the air: “Let’s set sail to the next checkpoint on our technical roadmap!”

But there was a problem. Try as they might, the crew couldn’t haul the anchor back onto the deck. The captain (who now preferred to be known as the Aquatic Solution Lead) muttered something about sunken costs before marching to the stern, where his crew were lined up, ready for one last try.

Taking the lead at the front of the haul line, our hero shouted “1!… 2!… 3!”. The crew pulled as hard as they could — heaving the anchor off the seabed and up towards the boat. Naturally, this shift in weight caused the boat to sink—fast. Our captain was never seen again, but one survivor could have sworn they heard him scream “Serious threat detected! Scan required!” as the ship went down.

Many insider threat solutions are just like the anchor in this story

They perform their role to the extreme, without any recognition of the practical reality they’ve been installed in.

They block users from taking everyday actions, making it harder for teams to collaborate, harming innovation, and weighing down your organization. That’s why you need insider risk protection that empowers users to collaborate, and only intervenes when absolutely necessary.

Introducing Incydr: the intelligent, comprehensive insider risk protection platform that combines automated insider risk detection with continuous security monitoring. Working in the background, it constantly monitors assets and user behavior in real-time to identify threats. This takes away the need for manual input and rules, which can be prone to stifling employee productivity and morale.

Instead of continuously blocking, questioning, and accusing your teams, Incydr continuously combs file activity to look out for signs of misuse, and only intervenes when it needs to. Think about that next time you’re choosing a new anchor for your boat.

In the meantime, for more information on how Code42 can help you manage Insider Risk, check out Incydr today.

1. Code42: 2021 Aberdeen Research Report