Various regulatory regimes require companies to implement reasonable cybersecurity measures, which generally seek to protect company systems and confidential data. As a result, companies are increasingly expending resources to mitigate the risks to their sensitive information posed by external threats, including organized criminals, hacktivists and hostile nation states.
At the same time, insider cyber threats, such as deliberate theft or destruction of sensitive information, as well as innocent mistakes that result in lost control over confidential data, are primary risk factors for most businesses. To protect sensitive information and meet their regulatory obligations, many companies feel compelled to closely monitor the activities of their employees.
