Dec 5, 2023 - Technology

CEO says insider risk management needs to be disrupted

Photo illustration of Marshall Heilman, next to graphic shapes and a black and white circuit board.

Dtex Systems CEO Marshall Heilman. Photo illustration: Annelise Capossela/Axios; Photo: Courtesy of Dtex Systems

Marshall Heilman, a long-time executive at Google Cloud's Mandiant, has left the company to head up insider-risk firm Dtex Systems, he first tells Axios.

Why it matters: Insider threats — or cyber risks related to employees either purposefully or incidentally leaking corporate data — have become a top concern for security executives, but the industry has yet to catch up.

  • Heilman made the switch from being the chief technology officer at a top cyber intelligence firm to CEO of an insider-threat company as a huge bet on the subsector's potential.

The big picture: Insider threats have long plagued companies, especially high-value companies with precious intellectual property and sensitive corporate data.

By the numbers: According to a report from the Ponemon Institute and Dtex, released in September, the number of insider-related incidents rose nearly 8% between last year's report and this year's.

  • The report also found that, on average, companies reported spending an average of $16.2 million to respond to insider-related incidents in the last year.

Zoom in: Dtex uses machine learning to monitor network activity and company endpoints to detect unusual employee activity — such as logging on from a strange location, exfiltrating an unusual number of corporate files, and resetting passwords too many times.

  • Dtex's customer base ranges from financial service organizations to major sports companies.
  • Heilman also said he sees an opportunity to expand the company's list of government clients and work toward federal procurement cybersecurity certifications.

What they're saying: "It's a space that needs to be disrupted, it needs to be made more important, and we need to bring awareness to why it's such a problem," Heilman said.

Between the lines: Heilman told Axios he sees a lot of similarities between his new company and the early days of Mandiant.

  • Right now, insider threats feel like something everyone is aware of — and most organizations set aside a budget for — but few actually know how to meaningfully address, much like threat intelligence and cyber incident response in the early days of Mandiant nearly 20 years ago.
  • Dtex also has the same workplace culture and dedication to its craft that Mandiant does: "They are practitioners first, they understand this space," Heilman said.

The intrigue: Heilman is hopeful he can make Dtex the go-to provider for insider-threat monitoring technologies — something that he argues doesn't really exist right now.

  • To get there, Heilman is embarking on a customer listening tour to gauge places for potential innovation and improvements.
  • And he's focused on building out the company's marketing and sales divisions.

What we're watching: Heilman was coy about whether the company is eyeing additional venture capital to build out his vision.

  • Dtex last raised capital in 2020 — a $17.5 million round led by NorthGate Capital.
  • "There is a lot of interest in the investment community because they see what I see — that this is an industry ripe for disruption," Heilman said.
Go deeper