Designing Your Insider Risk Program: Policies, People & Technology

What every program needs before the tools, the policies, and the budget conversation.

Stop Architecting in Theory. Start Building What Works.

Knowing you need an insider risk program is one thing. Architecting one that actually works — across conflicting
organizational priorities, legal constraints, union considerations, and technology stacks — is another challenge entirely.

This episode is the practitioner’s blueprint. We walk through the three pillars of a functional IRM program — policy design, cross-functional human coordination, and technology selection — and address the most contentious question: how to build a program that genuinely protects the organization while earning employee trust rather than destroying it.

Key Discussion Topics:

Policy design

What to measure, what to prohibit, what to communicate — and to whom

Cross-functional alignment

Legal, HR, IT, and Security — defining ownership and decision rights

Privacy & ethics tightrope

Employee monitoring without building a surveillance culture

Tooling selection

Matching capability requirements to actual needs, not vendor hype

Detection vs. deterrence

Which matters more — and when to prioritize each

Behavioral science & technology

How human behavior research should inform the tools you choose

Our Speakers

Clea Ostendorf

CoFounder & CEO Wolfpack Security

Mark Davidson

CIO - Western Reserve Area Agency on Aging

Peter Hadjigeorgiou

Field CISO, Teramind