This document summarizes three tips for managing risky user activity in 2015 presented by David Monahan and Dimitri Vlachos. The tips are: 1) identify different types of user risks like malicious insiders or duped users, 2) adopt a user-centric security strategy using user activity monitoring to better understand risks, and 3) simplify compliance by providing auditors with detailed reports of all user activities on systems and applications. Traditional administrator monitoring and logging provides an incomplete picture, while user focused monitoring can help protect users and the business by providing more context around security incidents.