Insider Threat Management

New Ponemon Institute Study: Insider Threats Lead to Big Losses and Significant Costs

Share with your network!

A new study released from The Ponemon Institute, 2018 Cost of Insider Threats: Global Organisations reveals the average cost of insider threats globally over the past 12 months was $8.76 million. Not surprisingly, these costs increased the longer an insider threat took to resolve and varied widely depending on the industry and size of organisation.

Researchers at The Ponemon Institute spoke with 717 IT and IT security practitioners at 159 organisations with a global headcount of 1,000 or more in North America, Europe, the Middle East, Africa, and Asia-Pacific. A total of 3,269 insider incidents were identified across all organisations in the past 12 months.

In this post, we’ll share some more highlights from the report and give you some tips on how to prevent insider threats in your own organisation.

Who’s Causing Insider Threats

Unfortunately, the people responsible for costing organisations serious money are often the most trusted insiders.

The report covers three major types of insider threats:

  • negligent or careless employees, vendors or contractors
  • criminal or malicious insiders
  • credential thieves

Each insider threat profile caused hundreds of thousands of dollars of damage on a per-incident basis, adding up to millions of dollars in expenses per year. Surprisingly, the most costly insider threats per incident and on an annual basis were different. Could these threats be hidden in your organisation? Click through to learn more.

Insider Threat Containment Costs Sky High

The Ponemon Institute report concentrates on the regions and industries hit hardest by the cost of insider threats and how costs rise for an organisation over the course of time. Here are some of the highlights:

  • All types of insider threats are increasing. Since 2016, the average number of incidents involving employee or contractor negligence has increased by 26% and by 53% for criminal and malicious insiders. The average number of credential theft incidents has more than doubled over the past two years, increasing by 170%.
  • The research shows insider threats continue to be difficult to detect and manage; the longer an incident took to resolve, the more expensive it got for organisations. The average time to contain an insider threat was 72 days—only 16% of incidents were identified and contained within 30 days!
  • Financial services institutions faced the highest insider threat costs at $12.05 million annually (on average), with energy and utilities coming in at a close second at $10.23 million. Manufacturing organisations incurred an average annual cost of $8.86 million annually to contain insider threat related incidents.
  • North America experienced the highest annualised cost of insider threats at $11 million, followed by the Europe and the Middle East with $7 million annually and Asia-Pacific at $6 million annually.

For a deeper dive into these stats, including the dollar amounts for each specific industry, region, and time window to contain an insider threat, click here to download the report.

How to Prevent Data Exfiltration from Insider Threats

Now that you’ve heard so much about the cost of insider threats, you might be curious about strategies to prevent them. Here are three tips to get ahead of insider threats before they start, or  stop them quickly in their tracks:

  • Gain visibility into your workforce and contractors. Since insider threats are caused by trusted people, it’s critical to get a holistic view of who is accessing your data and using critical systems. Rather than understanding every possible doomsday scenario, it’s much more important to know which insider behaviours are the riskiest and how to flag them before they become a problem.
  • Educate employees and contractors. With 64% of incidents coming from negligent or careless employees and contractors, effective training is more important than ever. Whether your users are sending sensitive files to personal email addresses or clicking on phishing links, helping people understand the mistakes that lead to data loss can play a major role in preventing insider threats.
  • Prepare a response plan. Data shows the longer an insider threat lingers, the more costly it gets. That’s why having an incident response plan in place is key to establishing a chain of command, making smart decisions, and resolving issues swiftly. A good plan may also help keep you compliant with best practices for notifying customers and partners in the aftermath of a breach.

Click here to learn more and download the full Ponemon Institute 2018 Cost of Insider Threats report today.