New York Tech Media
  • News
  • FinTech
  • AI & Robotics
  • Cybersecurity
  • Startups & Leaders
  • Venture Capital
No Result
View All Result
  • News
  • FinTech
  • AI & Robotics
  • Cybersecurity
  • Startups & Leaders
  • Venture Capital
No Result
View All Result
New York Tech Media
No Result
View All Result
Home Cybersecurity

How costly is an insider threat?

New York Tech Editorial Team by New York Tech Editorial Team
January 31, 2022
in Cybersecurity
0
How costly is an insider threat?
Share on FacebookShare on Twitter

Proofpoint released a report to identify the costs and trends associated with negligent, compromised, and malicious insiders. Notably, on average, impacted organizations spent $15.4 million annually on overall insider threat remediation and took 85 days to contain each incident.

insider threat costs

The report, conducted by Ponemon Institute, surveyed over 1,000 IT and IT security practitioners across North America, Europe, Middle East, Africa, and Asia-Pacific. Each organization included in the study experienced one or more material events caused by an insider.

The report reveals that over the last two years, the frequency and costs associated with insider threats have increased dramatically across all three insider threat categories, including: careless or negligent employees/contractors, criminal or malicious insiders, and cybercriminal credential theft.

“Months of sustained remote and hybrid working leading up to “The Great Resignation” has resulted in an increased risk around insider threat incidents, as people leave organizations and take data with them,” said Ryan Kalember, EVP of cybersecurity strategy at Proofpoint.

“In addition, organizational insiders, including employees, contractors, and third-party vendors, are an attractive attack vector for cybercriminals due to their far-reaching access to critical systems, data, and infrastructure. With people now the new perimeter, we recommend layered defenses, including a dedicated insider threat management solution and strong security awareness training, to provide the best protection against these types of risks.”

Insider threat costs and trends

  • Organizations impacted by insider threats spent an average of $15.4 million annually—that’s up 34 percent from $11.45 million in 2020.
  • The overall number of incidents has increased by a staggering 44 percent in just two years. The frequency of incidents per company has also gone up with 67 percent of companies experiencing between 21 and more than 40 incidents per year, up from 60 percent in 2020.
  • The negligent insider is the root cause of most incidents. 56% of reported insider threat incidents were the result of a careless employee or contractor, costing on average $484,931 per incident. This could be the result of a variety of factors, including not ensuring their devices are secured, not following the company’s security policy, or forgetting to patch and upgrade.
  • Malicious or criminal insiders were behind 26% of incidents at an average cost per incident of $648,062. Malicious insiders are employees or authorized individuals who use their data access for harmful, unethical, or illegal activities. Because employees are increasingly granted access to more information to enhance productivity in today’s work-from-anywhere workforce, malicious insiders are harder to detect than external attackers or hackers.
  • Credential theft incidents have almost doubled since the last study. At an average of $804,997 per incident, credential theft is the costliest to remediate. The intent of the credential thief is to steal users’ credentials that will grant them access to critical data and information. A total of an average 1,247 incidents (or 18%) involved cybercriminals stealing credentials.
  • The time to contain an insider incident increased from the last study. It takes an average of nearly three months (85 days) to contain an insider incident up from 77 days in the previous study. Incidents that took more than 90 days to contain cost organizations $17.19 million on an annualized basis, while incidents that lasted less than 30 days cost an average of $11.23 million.

Financial services and professional services have the highest average activity costs. The average activity cost for financial services is $21.25 million and professional services is $18.65 million. Service organizations represent a wide range of companies including accounting, consultancy, and professional service firms.

Organizational size affects the cost per incident. The cost of incidents varies according to organizational size. Large organizations with a headcount of more than 75,000 spent an average of $22.68 million over the past year to resolve insider-related incidents. To deal with the consequences of an insider incident, smaller-sized organizations with a headcount below 500 spent an average of $8.13 million.

North American companies are spending more than the average cost on activities that deal with insider threats. The total average cost of activities to resolve insider threats over a 12-month period is $15.4 million. Companies in North America experienced the highest total cost at $17.53 million. European companies had the next highest cost at $15.44 million.

Five signs that your organization is at risk

  • Employees are not trained to fully understand and apply laws, mandates, or regulatory requirements related to their work and that affect the organization’s security.
  • Employees are unaware of the steps they should take to ensure that the devices they use—both company issued and BYOD—are secured at all times.
  • Employees are sending highly confidential data to an unsecured location in the cloud, exposing the organization to risk.
  • Employees break your organization’s security policies to simplify tasks.
  • Employees expose your organization to risk if they do not keep devices and services patched and upgraded to the latest versions.

Dr. Larry Ponemon, Chairman and Founder of the Ponemon Institute commented: “Insider threats continue to climb, both in frequency and remediation cost. That said, we are seeing the risk of malicious insider threats increase – with more users accessing business data from outside the confines of the office. This can blur the security team’s ability to identify and differentiate between well-meaning employees, and malicious insiders trying to siphon sensitive business data.”

Credit: Source link

Previous Post

14 drug discovery startups to watch, according to top VCs

Next Post

Cybersecurity staff turnover and burnout: How worried should organizations be?

New York Tech Editorial Team

New York Tech Editorial Team

New York Tech Media is a leading news publication that aims to provide the latest tech news, fintech, AI & robotics, cybersecurity, startups & leaders, venture capital, and much more!

Next Post
Nearly 600,000 open cybersecurity-related jobs were listed over 12 months

Cybersecurity staff turnover and burnout: How worried should organizations be?

  • Trending
  • Comments
  • Latest
Meet the Top 10 K-Pop Artists Taking Over 2024

Meet the Top 10 K-Pop Artists Taking Over 2024

March 17, 2024
Panther for AWS allows security teams to monitor their AWS infrastructure in real-time

Many businesses lack a formal ransomware plan

March 29, 2022
Zach Mulcahey, 25 | Cover Story | Style Weekly

Zach Mulcahey, 25 | Cover Story | Style Weekly

March 29, 2022
How To Pitch The Investor: Ronen Menipaz, Founder of M51

How To Pitch The Investor: Ronen Menipaz, Founder of M51

March 29, 2022
Japanese Space Industry Startup “Synspective” Raises US $100 Million in Funding

Japanese Space Industry Startup “Synspective” Raises US $100 Million in Funding

March 29, 2022
UK VC fund performance up on last year

VC-backed Aerium develops antibody treatment for Covid-19

March 29, 2022
Startups On Demand: renovai is the Netflix of Online Shopping

Startups On Demand: renovai is the Netflix of Online Shopping

2
Robot Company Offers $200K for Right to Use One Applicant’s Face and Voice ‘Forever’

Robot Company Offers $200K for Right to Use One Applicant’s Face and Voice ‘Forever’

1
Menashe Shani Accessibility High Tech on the low

Revolutionizing Accessibility: The Story of Purple Lens

1

Netgear announces a $1,500 Wi-Fi 6E mesh router

0
These apps let you customize Windows 11 to bring the taskbar back to life

These apps let you customize Windows 11 to bring the taskbar back to life

0
This bipedal robot uses propeller arms to slackline and skateboard

This bipedal robot uses propeller arms to slackline and skateboard

0
The Future of “I Do”: How Technology is Revolutionizing Weddings in 2025

The Future of “I Do”: How Technology is Revolutionizing Weddings in 2025

March 19, 2025
Eldad Tamir

AI vs. Traditional Investing: How FINQ’s SEC RIA License Signals a New Era in Wealth Management

March 17, 2025
Overcoming Payment Challenges: How Waves Audio Streamlined Transactions with BridgerPay

Overcoming Payment Challenges: How Waves Audio Streamlined Transactions with BridgerPay

March 16, 2025
Arvatz and Iyer

PointFive and Emertel Forge Strategic Partnership to Elevate Enterprise FinOps in ANZ

March 13, 2025
Global Funeral Traditions Meet Technology

Global Funeral Traditions Meet Technology

March 9, 2025
Canditech website

Canditech is Revolutionizing Hiring With Their New Product

March 9, 2025

Recommended

The Future of “I Do”: How Technology is Revolutionizing Weddings in 2025

The Future of “I Do”: How Technology is Revolutionizing Weddings in 2025

March 19, 2025
Eldad Tamir

AI vs. Traditional Investing: How FINQ’s SEC RIA License Signals a New Era in Wealth Management

March 17, 2025
Overcoming Payment Challenges: How Waves Audio Streamlined Transactions with BridgerPay

Overcoming Payment Challenges: How Waves Audio Streamlined Transactions with BridgerPay

March 16, 2025
Arvatz and Iyer

PointFive and Emertel Forge Strategic Partnership to Elevate Enterprise FinOps in ANZ

March 13, 2025

Categories

  • AI & Robotics
  • Benzinga
  • Cybersecurity
  • FinTech
  • New York Tech
  • News
  • Startups & Leaders
  • Venture Capital

Tags

3D bio-printing acoustic AI Allseated B2B marketing Business carbon footprint climate change coding Collaborations Companies To Watch consumer tech cryptocurrency deforestation drones earphones Entrepreneur Fetcherr Finance Fintech food security Investing Investors investorsummit israelitech Leaders LinkedIn Leaders Metaverse news OurCrowd PR Real Estate reforestation software start- up startupnation Startups Startups On Demand startuptech Tech Tech leaders technology UAVs Unlimited Robotics VC
  • Contact Us
  • Privacy Policy
  • Terms and conditions

© 2024 All Rights Reserved - New York Tech Media

No Result
View All Result
  • News
  • FinTech
  • AI & Robotics
  • Cybersecurity
  • Startups & Leaders
  • Venture Capital

© 2024 All Rights Reserved - New York Tech Media