While organizations have long prioritized external cybersecurity risks, many have not paid enough attention to the risks posed by trusted insiders in their organizations. This is a mistake. Insiders often already have access to sensitive data, and the risks, whether malicious or inadvertent, can potentially cause greater damage than external cybersecurity risks.

Two years ago, after a conversation with our Chief Information Security Officer (CISO), Bret Arsenault, we embarked upon an incredible journey developing Insider Risk Management in Microsoft 365, which organizations could use to identify and manage insider risks.

In recognition of these investments, I’m excited to announce that Gartner has listed Microsoft as a Representative Vendor in the 2020 Market Guide for Insider Risk Management Solutions. To us, this recognition reinforces our leadership in delivering an innovative solution that allows organizations to quickly identify and collaboratively manage insider risks while maintaining employee privacy.

According to Gartner, “security and risk management leaders need an insider threat mitigation program that is composed of people, processes and technology.”

A few learnings from the report:

  • The number of incidents has increased by a staggering 47 percent in just two years, from 3,200 in 2018 to 4,700 in 2020.
  • Organizations impacted by insider threats spent an average of $11.45 million in 2020—up 31 percent from $8.76 million in 2018.
  • More than 60 percent of reported insider threat incidents were the result of a careless employee or contractor, and 23 percent were caused by malicious insiders.

We continue to work closely with our customers to gather feedback to help us build better products. Your input provides critical insights as we strive to enrich our Insider Risk Management solution to help you on your journey in identifying and managing insider risks.

For more details about our information archiving solution, visit our website. To learn more about Microsoft Security solutions visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.


Gartner, Market Guide for Insider Risk Management Solutions, 29 December 2020, Jonathan Care, Brent Predovich, Paul Furtado.

Gartner does not endorse any vendor, product, or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.