Skip to main content
Methodology v2.1 • Updated September 2025

Assessment Methodology

Complete transparency of our insider risk assessment framework including scoring methodology, research sources, and the scientific foundation behind our 5-pillar evaluation system.

Five-Pillar Scoring Framework

Our assessment evaluates organizational maturity across five research-validated pillars, each weighted based on economic impact and incident frequency data from authoritative sources.

Visibility & Monitoring

25% Weight

Comprehensive monitoring and detection of insider activities across your organization

Research Rationale

Gartner's 'Rule of Three' framework identifies visibility as the foundation for detecting the three threat types (careless users, malicious users, compromised credentials). 85% of effective programs utilize User Behavior Analytics (UBA).

Prevention & Coaching

25% Weight

Proactive measures and training to prevent insider threats before they occur

Research Rationale

Since more than 50% of insider incidents lack malicious intent, prevention programs are essential. Organizations with comprehensive prevention reduce incident costs by 31% and experience 27% fewer insider threat events.

Investigation & Evidence

20% Weight

Robust capabilities for investigating incidents and preserving digital evidence

Research Rationale

Organizations with mature investigation capabilities reduce average containment time from 67 days to 52 days, saving an average of $2.1M per incident.

Identity & SaaS Management

15% Weight

Strong identity management and secure access controls for cloud applications

Research Rationale

Gartner's 2024 research shows that 92% of insider incidents involve identity-related vulnerabilities, making robust IAM controls essential.

Phishing Resilience

15% Weight

Advanced protection against phishing attacks and social engineering

Research Rationale

Verizon's 2026 DBIR identifies phishing as the enabler for 62% of breaches with human elements, making comprehensive phishing resilience critical.

Scoring Methodology & Calculation

Transparent documentation of how scores are calculated, normalized, and benchmarked

Assessment Structure

Total Questions:20
Scoring Scale:0-100 points per pillar
Final Score:Weighted average across all 5 pillars

Calculation Formula:

IRI = Σ(pillar_score × pillar_weight) for all 5 pillars

Maturity Levels

0-24
Ad Hoc
Minimal to no insider threat controls
25-44
Emerging
Basic awareness with limited implementation
45-64
Managed
Structured approach with some automation
65-84
Proactive
Advanced capabilities with continuous monitoring
85-100
Optimized
Industry-leading maturity with full integration

Research Sources & Citations

Our methodology is built on authoritative research from leading cybersecurity organizations

Ponemon Institute 2026 Global Cost of Insider Threats Report

Primary Economic Data
View Source

Key Findings Used

  • Average annual cost: $19.5M (up from $17.4M)
  • Average cost per incident: $676,517
  • Average containment time: 67 days
  • Average incidents per organization: 13.5 annually

Citation

Ponemon Institute LLC. (2025). 2025 Global Cost of Insider Threats Report. Traverse City, MI: Ponemon Institute.

Gartner Market Guide for Insider Risk Management Solutions

Market Analysis & Technical Framework
View Source

Key Findings Used

  • 48% increase in insider attacks reported
  • 71% of organizations feel vulnerable to insider threats
  • 70% identify technical challenges as implementation obstacles
  • 92% of insider incidents involve identity vulnerabilities

Citation

Predovich, B., & Gopal, D. (2024). Market Guide for Insider Risk Management Solutions (Document ID: G00805757). Stamford, CT: Gartner, Inc.

Verizon 2026 Data Breach Investigations Report

Incident Pattern Analysis
View Source

Key Findings Used

  • 62% of breaches included non-malicious human element
  • 70% of healthcare breaches were internal
  • 28% of breaches driven by human errors
  • 40% of social engineering attacks were BEC/CEO fraud

Citation

Verizon Enterprise. (2024). 2024 Data Breach Investigations Report (17th Edition). New York, NY: Verizon Communications Inc.

Forscie® Insider Threat Matrix™

Threat Intelligence
View Source

Key Findings Used

  • 50+ documented insider threat techniques
  • Categorized by motive, coercion, and manipulation
  • Prevention and detection strategies mapped
  • Real-world attack pattern documentation

Citation

Forscie® Limited. (2024). Insider Threat Matrix™. Retrieved from https://insiderthreatmatrix.org/. Copyright 2026 Forscie® Limited.

Benchmark Data Sources

How we derive industry and organizational benchmarks for comparative analysis

Industry Benchmarks

Based on Ponemon Institute industry-specific cost data

Financial Services: $758K average incident cost
Healthcare: 70% internal breaches (Verizon DBIR)
Technology: $19.2M average annual cost
Manufacturing: Complex OT/IT environments

Size-based Benchmarks

Organizational maturity by company size

Enterprise (5000+): Advanced tooling expected
Large (1000-5000): Structured programs
Mid-size (250-1000): Growing awareness
Small (50-250): Basic controls implementation

Methodology Version History

Transparent documentation of methodology evolution and improvements

Version 2.1

Current

Released: September 2025
Updates: Added industry-specific benchmarking, enhanced regional compliance framework, integrated Forscie® Insider Threat Matrix™ threat intelligence

  • • Added Manufacturing, Government, Education, and Retail sector analysis
  • • Integrated GDPR, CCPA, PIPEDA compliance considerations
  • • Enhanced Matrix technique mapping with 50+ documented patterns
  • • Updated research citations with 2025 Ponemon data

Version 2.0

Previous

Released: June 2025
Updates: Initial comprehensive framework with 5-pillar methodology

  • • Established weighted scoring system (25%, 25%, 20%, 15%, 15%)
  • • Integrated Ponemon Institute 2026 and Verizon DBIR 2026 data
  • • Added Gartner Market Guide framework alignment
  • • Implemented 5-level maturity model

Experience Our Transparent Methodology

Take our research-backed assessment and see how your organization measures against industry benchmarks using our scientifically-validated framework.