Insider Risk Perspective

Policies Don't Stop Incidents. Capability Does!

Your acceptable use policy exists. Your data handling policy is documented. Your incident response plan is approved and filed. Yet insider incidents still occur in organisations that have all of them. The reason is straightforward: Policies create expectations. They do not create detection, escalation, or the judgement to act when something feels wrong but is not yet undeniable.

Boaz Fischer

6 days ago

Hand retrieving a folder from an open filing cabinet drawer. Background features pink and blue geometric shapes. Document icons visible.

Most Insider Incidents Start Quietly

To have a Policy or not have a Policy isn't the question...The question is whether your organisation can actually act on it. All true. But the reality is that TRUST doesn’t set boundaries, log actions, or stop a bad click at 5 p.m. Trust isn’t a control. That imbalance is becoming NEGLIGENT.

Boaz Fischer

May 12

Why Policies ≠ Capability

Boaz Fischer

May 8

Person sits in locked cage on seesaw, while another walks freely toward a shield with a check mark. Background in contrasting colors.

Trust Isn’t Control

We celebrate trust. We hire for it, reward it, and tell ourselves it’s what makes great teams work. All true. But the reality is that TRUST doesn’t set boundaries, log actions, or stop a bad click at 5 p.m. Trust isn’t a control. That imbalance is becoming NEGLIGENT.

Boaz Fischer

May 8

Man in blue walks away from cracked shield with handshake. Arrows hit shield. Sun sets in pink and blue landscape.

Trust Isn’t a Shield: The Illusion of Security Without Controls

This article challenges the belief that trust alone can protect an organisation. While trust is essential for culture, it doesn’t enforce boundaries, detect risk, or prevent misuse of access. This article highlights why trust must be continuously tested, supported by controls, and treated as a dynamic process, not a one-time assumption. That imbalance is becoming NEGLIGENT.

Boaz Fischer

May 8

Castle with cybersecurity icons on left cliff, man on right cliff facing a red alert. Blue and red color scheme, digital conflict theme.

The Threats We Fund vs. The Threats We Ignore

This article exposes a simple imbalance: Organisations invest heavily in stopping outsiders, but far less in understanding the risks already inside. Yet most costly incidents begin with trusted access, human behaviour, and missed internal signals. The real issue isn’t the lack of tools. It’s where attention and funding are placed. That imbalance is becoming NEGLIGENT.

Boaz Fischer

May 8

Two people in blue suits hold a steaming potato, with pink and blue background shapes. They look surprised.

The “Hot Potato Problem” Of Insider Risk

Ask any executive who owns insider risk, and you will often see a pause. Not because people don’t care, but because it doesn’t sit neatly within one function.

Boaz Fischer

May 8