About Us

Do You Want Your Business To Be Resilient To Deliberate Insider Threats?

Find out how we can transform your business from being vulnerable to being resilient to malicious insider threats. We are highly confident in our framework, that we can guarantee our result.

We are the architects of Naked Insider, the gold standard for helping highly valuable organisations and regulated corporations develop strategies to mitigate insider risk.

What Makes Naked Insider Unique?

Naked Insider provides the assurance and governance to executives, management and board that their trusted people (employees and other business partners) are trustworthy, dependable and doing the right thing by utilising two powerful forces:

  1. Positive incentives – Shaping people behaviour to act in the interest of the organisation; and
  2. Negative incentives – Focusing on making sure employees don’t misbehave.

What Makes Naked Insider Highly Credible?

  • Naked Insider has the right multidisciplinary team, calling upon help from insider threat certified people, security specialist, data specialist, security analysts and system architects to provide specific solutions and answers;
  • Naked Insider employs psychologists to help engender high employee engagement and culture change within organisations;
  • Naked Insider has the authority and expertise in managing insider risks for over ten years. Including publishing four books, over 200 articles about insider risk and cybersecurity best practices, as well as videos around the subject of insider risk and security resiliency best practices;
  • Naked Insider has worked with leading global organisations such as Australian Federal and State Governments; The top two telecommunication companies; The top three banks in Australia; Including corporations in New Zealand and Singapore;
  • Naked Insider is an established partner with the Insider Threat Division of CERT.

 Yet, when we first started way back in 1996 with CommsNet Group, we had no idea that we would get involved in the Human Element of Business Risk.

Here’s How It Happened...

When we started, the two of us rented a single room from a financial advisor. The room could only fit a single table. It was tiny.

But who cared, we were in business connecting companies to technology that wanted increasing in productivity and business enablement.

I’ll Never Forget How Nervous I Was The First Time When We Signed Up Our First Client…

I remember back then when we first signed up our first client. We were very “green behind our ears”. But they believed in us. We came across as two trustworthy and dependable individuals that they could rely on.

And over the next ten years, we signed up several new clients and a number of skilled employees. We were building a successful, reliable and trustworthy business that organisations liked and were very supportive because we CARED about their success.

But, there was a problem looming. New applications were booming, and the Internet was becoming the hive of connectivity explosion.

The first challenge we started to encounter is the rise of supporting business applications that we had no expertise and secondly, Internet threats were starting to become more and more common.

That’s When We Knew That We Had To Change…

That’s when we decided to refine our business along the lines of helping organisations build resilient systems. 

That involved in helping monitor for system and application performance problems as well as assisting in building cybersecurity best practices.

We quickly realised that if we were going to play in the cybersecurity field, we would need to raise our game. Otherwise, we would just be ignored as non-relevant.

Two things struck out quickly. No organisation cared about what security technology we were selling, since others were selling something similar. And secondly, when it came to cybersecurity, prospects preferred dealing with the IBM, HP and other big players.

That’s when we knew that we had to modify our approach and thinking. We had to build up our authority and credibility when it came to information security.

That’s When We Knew That We Were Onto Something….

It was no easy task to build such authority and influence. However, after having written over 100 articles about information security best practices as well as publishing three books, our voices were being heard.

Insider threat is one of the oldest and largest problems for organisations representing a massive share of attacks, financial damages and reputation harm. It’s presented in over 70% of breaches.

Companies are undoubtedly aware of the problem, but they rarely dedicate the resources or executive attention required to solve it.

Most prevention programs fall short by focusing exclusively on technology and completely ignoring the most fundamental element in their business –human behaviour.

For example, most companies that want to combat insider risk rely on gathering troves of system logs events and on trying and infer the risky behaviour. However, by the time they detect a negative behaviour, that breach has already occurred.

Another widespread adoption is the use of “data loss prevention (DLP)” tools that severely falls short of their expensive price tag. However, data by itself doesn’t walk out the door by itself. The root cause is people!

There Is A Much Better Way

Rather than going immediately to extensive monitoring, we believe that organisations should take a much more nuanced approach, tailored to their information assets, potential risk impacts, and workforce.

The key to this approach is segmentation, which identifies particular groups of employees that are capable of doing the most damage, and then develops focused interventions specific to those groups.

Furthermore, while many programs focus on catching and responding to negative behaviours, it’s also vitally important to directly and assertively address the cultural issues that drive negligence and malicious behaviour through positive incentives and engagements.

And finally, there is a definite advantage for those organisations that can effectively predict risks before they take place. Having the ability to identify and disrupt indicators of negative behaviours much earlier in the threat lifecycle is essential.

And Of Course, There Are Lot Of Things That Have Changed In Our Business As A Result.

Today, Naked Insider is one of the most significant insider risk service specialist in Australasia. We provide insider risk services to the two largest telecommunication organisations, three of the biggest banks in Australia, as well as several Federal and State to Government agencies.

All of this was possible because we decided to pivot our thinking and our offering to something highly valuable, beneficial and advantageous.

And now, it’s our goal to help YOU to create a safe business environment and where trust is most valued by all.

About nakedinsider.com

This site – nakedinsider.com is basically the place where I share what we have seen, what we have done and what we have learned throughout the last 20+ years in business.

We started back in 1996 with an idea. We had $0 to our business, and we had no experience ever starting a business. Its’ been a crazy ride for all of us… and we wouldn’t trade it for anything.

But as much as this site is about us, we would like to think It’s more about you. Our goal is to help you develop resiliency and toughness against risk from trusted insiders.