Internal Threat Program

Kymatio Insider Threat Program

Photo by Jordan Graff on Unsplash

Internal threats can have a devastating impact on the organization

  • Executive order 13587 of the North American government obliges its contractors to implement the internal threat program in the organization in order to be eligible to provide their services
  • The United States National Institute of Standards and Technology (NIST) recognizes the need for formal controls to address an organization’s risk
  • The coordination of a large team is necessary to adequately attend all the angles to be covered. The actors to be involved in the Insider Threat Program (ITP) should include, at least, personnel from the Information Technology, Security, Human Resources, Legal teams, and of course, Members of the Executive Committee.

Trust Kymatio, the leading platform for human cyber risk prevention.
Kymatio makes it easier for the ITP manager and other departments involved to assess the status of the workforce.

Kymatio - Human firewall activation and cyber risk management

Among the benefits that Kymatio provides:


Metrics and visibility on high-risk employees and departments.

Critical functions

Identifying critical departments and functions.

Risk relationships

Allows observation of seemingly unrelated risk relationships between departments and provides early indicators and warnings to avoid potential incidents.

Meet your new allies, artificial intelligence and neuroscience

Takes advantage of the power of AI that, supported by neuroscience, provides key information, individualized according to the characteristics of each person and position, offering support actions, recommendations and targeted awareness. Obtains key insights such as the level of risk and potential impact that an incident would have in each position, including information on social engineering, digital exposure and determination of critical function.

Activate your organization's human firewalls

Boosts the level of cybersecurity and wellbeing of the people in your organization to reduce the risk to which they are exposed.
Obtains recommendations for the corporate cyber risk prevention plan, adapted based on the data obtained, which considers the degree of exposure of the workforce to information security incidents.
Determines what the particular support needs are for each person and automatically offer content and recommendations to employees for their strengthening, enhancing their alertness and status in the areas of cybersecurity and wellbeing (sentiment).

Cyber risk reduction

Through periodic assessment of exposure to information security risk associated with people and the activation of mitigation measures


Determines the needs to strengthen the organization, obtaining a plan for mitigating human risk (micro-segmentation) at corporate, departmental and employee levels

Recurring evaluation

Periodic and automated evaluation that allows continuous monitoring of risk and accompanying employees in their awareness and strengthening

Actionable measures

Risk organization charts, impact analysis, cyber awareness and other stressors such as wellbeing/sentiment analysis provide a complementary path for data-based decision making


In the execution of actions and optimization in the use of protection and detection technologies