“Insider threat,” the phenomenon of employees going bad, has become a key focus of corporate security departments, as companies become increasingly aware of how much damage an angry staffer or contractor can do by stealing or leaking intellectual property or other confidential data.
In a feature in our July issue, Fortune’s Roger Parloff takes a close look at Scout, a software tool developed by cybersecurity firm Stroz Friedberg that analyzes employees’ emails and, according to the firm, can spot disgruntled or unstable workers before they go rogue. But Scout is just one weapon in a growing arsenal of technical tools that cybersecurity pros have devised to combat data theft, fraud, and sabotage. Here are four categories of protection.
Security information and event management is the art of monitoring all the data generated by a company’s security software and appliances. Information managers store info to be studied later; event managers create data feeds that staff can track in real time. SIEM players include Hewlett Packard Enterprise (HPE), IBM (IBM), and Splunk (SPLK).
Data Loss Prevention (DLPs)
This technology spots—and blocks—unauthorized attempts to move around sensitive information. RSA, a cybersecurity unit owned by EMC (EMC) (and soon Dell), has been winding down its DLP services, but other widely used products include Intel Security’s (INTC) McAfee DLP, Comodo’s MyDLP, and the free and open source OpenDLP.
This nascent field combines data crunching and machine learning to pinpoint insider threats and compromised accounts. Analytics tools raise a flag whenever people’s actions deviate from a given norm. Companies that offer such analytics products include Rapid7, RedOwl, and Securonix. Scout, the email analysis software tool created by Stroz Friedberg, also falls in this category.
Let’s say an employee triggers an alert—by, for example, removing a data tag on a document marked “company’s most valuable.” A monitoring tool would kick in and start recording his keystrokes, capturing screenshots, or disabling outgoing email traffic. Raytheon (RTN) and Digital Guardian sell activity-monitoring tools.
A version of this article appears in the July 1, 2016 issue of Fortune in the story “Spy Tech That Reads Your Mind,” as a sidebar.