
Cost of Insider Threats Rises 31%: A Comprehensive Analysis and Report



The Report, independently conducted by Ponemon Institute, is issued every 2 years and is now in its fourth edition. It surveyed over 1,000 IT and IT security practitioners across North America, Europe, Middle East, Africa, and Asia-Pacific. Each organization included in the study experienced one or more material events caused by an insider. The Report reveals that over the last two years, the frequency and costs associated with insider threats have increased dramatically across all three insider threat categories: careless or negligent employees/contractors, criminal or malicious insiders, and cybercriminal credential theft.







Tessian Cloud Email Security intelligently prevents advanced email threats and protects against data loss, to strengthen email security and build smarter security cultures in modern enterprises. It understands human behavior and relationships, enabling it to automatically detect and prevent anomalous and dangerous activity.


Several industry experts stressed that insider threats are the primary concern for every security leader, as many organizations fail to address the insiders within their own company. As a result, numerous data breaches happen due to employee negligence or unintentional actions like responding to a phishing email with sensitive information or downloading malicious content. In addition, with the ongoing crisis due to the COVID-19 pandemic, companies across the globe are working remotely. This is creating new opportunities for threat actors to launch insider threats.


According to the survey, negligent employees create around 62% of security incidents, costing organizations an average of $307,111 per incident. The fastest-growing industries for insider threats are the retail sector (38.2% two-year increase) and the financial services sector (20.3% two-year increase). It takes 77 days for a company to contain each insider threat incident, and only 13% of the analyzed security incidents were contained in less than 30 days, the report stated.


Amid the turmoil and confusion surrounding the COVID-19 pandemic, companies were forced to hastily implement solutions that could allow employees to shift to telework overnight, creating extensive opportunities for bad actors and insider threats to flourish.


While careless or negligent employees account for 62% of incidents, costing organizations an average of $307,111 per incident, malicious insiders or credential thieves bear a higher price tag of $871,686 per incident. The cost per incident is also influenced by organization size and operating industry.


An insider threat is anyone who has special access to the organization and can possibly use that access to attack or help hackers target the company. There are a few different types of insider threats to be aware of: malicious insiders, inside agents, emotional employees, reckless employees, and third-party users. Each of these types of insider threats could have access to an organization in some way and can use it to their advantage.


When we talk about cybersecurity, we often think about hackers outside organizations trying to access private, sensitive data. However, threats from insiders are fast becoming a grave concern among businesses. As insider threat statistics show, these instances have been rising and an overwhelming number of businesses are not prepared to handle them. Implementing some of the best IT security software will, of course, help but there are still many challenges, especially when the enemy is right inside your own backyard.


Not all insider threats are the same. Some involve data exfiltration while others are connected to privilege misuse. Also, not all insider threats are carried out with malicious intent. A huge part of insider data breaches actually comes from unintentional breaches and the negligence of employees.


There is no one fool-proof approach to hindering insider threats. The statistics reveal how organizations use a variety of tactics and tools to combat the threats. These include user behavior analytics, in-app audit system/feature, user training, and information security governance.


There are measures you can put in place and tools you can use to prevent a full-blown attack. Why is this important? Just by looking at the numbers and costs a company might incur for every incident of an insider data breach, we can surmise that prevention is still better than cure. With that said, we do acknowledge that stopping every incident of an insider threat sounds like a tall order. First, preventive measures can involve millions of dollars, long hours of user training, and lots of manpower to make sure IT security protocols are followed. These things can cause organizations to look the other way, especially for smaller businesses that do not have the budget and people to focus on the task.


Malicious insiders remain one of the key threats to corporate cybersecurity. But we can outline the latest industry trends and determine ways to efficiently combat this threat by analyzing the percentage of threats posed by insiders and attack vectors in recently published cybersecurity reports.


The Ponemon Institute conducted two studies on the cost of insider threats, one in 2018 [PDF] and another in 2020 [PDF]. According to their reports, the total average cost of a threat increased by 31% between 2017 and 2019.


Tools companies use for detecting and preventing insider fraud and other insider threats are based on unified visibility (when all activity can be seen from one place), which was considered important by the majority of organizations who took part in the same survey.


However, only 42% of companies now deploy a single product for controlling where data goes or use multiple integrated tools for this. The other 58% reduce their chances of identifying insider threats by using separate tools or no tools at all.


Costs associated with insider threats are also increasing. According to the Ponemon Institute's 2020 Cost of Insider Threats Global Report, "The overall cost of insider threats is rising, with a 31% increase from $8.76 million in 2018 to $11.45 million in 2020," and the number of incidents has increased 47% in just two years.


Sound policy management can also play a pivotal role by connecting IT, Legal, HR and other departments that have critical functions in combatting insider threats. With robust policy management systems in place, organizations can focus on agility, automation and workflow efficiencies while keeping other groups informed and involved.


The Ponemon Institute has published a report called 2020 Cost of Insider Threats: Global, in which it reveals a series of eye-opening statistics about insider threats. For the study, researchers interviewed 964 IT and IT security practitioners in 204 organizations in North America, Europe, Middle East & Africa and Asia-Pacific.


To differentiate between the different kinds of insider threats, the researchers divided them into three categories: unintentionally negligent employees or contractors; credential thefts leading to unauthorized access to applications and systems; and malicious insiders who intentionally damage the organization from within.


However, the results of the study show that many companies will have to deal with high costs because of the time taken to respond to an incident: the average time to contain an insider incident is 77 days, while only 13% are contained in under 30 days.


With insider threats on the rise over the last two years, more companies moving to online environments, and small businesses still not believing the risks of insider threats, these attacks are more likely to occur and to occur more often!


A recent survey revealed that only one in five IT professionals consider insider threats a real concern. Accordingly, 39% of organizations have a team capable enough to implement information and cybersecurity.


Careless workers can be well-meaning, but negligence on their part can cost organizations millions. If an employee or contractor acts carelessly, such as leaving workstations and doors unlocked, installing unapproved applications onto company devices, or leaving sensitive personal health information (PHI) or personally identifiable information (PII) in plain sight, it can leave your organization vulnerable to a cyberattack. And negligence is the most frequently encountered insider threat, comprising 62% of all incidents caused by insiders. According to the Ponemon report, incidents caused by careless employees or contractors cost an average of $307,111 per occurrence across all industries and can add up to $4.58 million per organization.


Although imposter risk occurs in only 14% of insider threat events, incidents caused by credential theft are the most costly. In fact, the typical cost per credential theft incident is nearly triple that of negligence incidents at a staggering $871,686. Annually, incidents caused by credential thieves amount to $2.79 million, on average.


In the healthcare industry in particular, insider threats can affect lives. According to a study by Vanderbilt University, hospital mortality rates, as well as the number of fatal heart attacks, rise drastically following a data breach. In fact, the research suggests that breaches cause up to 2,100 deaths per year in the United States alone.


Far more discreet but also destructive is the threat that comes from within. According to ObserveIT's 2020 Cost of Insider Threats study, the latest research available, insider threat incidents increased by a massive 47% globally since 2018. The average annual cost to companies of insider threats has also rocketed, rising 31% to $11.45 million in only two years.


At one customer, Motorola, the impact was not only identifying insiders that had eluded other tools like DLP, but an eventual reduction in the number of staff required to chase down alerts from 3-1. With more accurate alerts, the team was able to increase productivity and focus on more valuable activities. You can read about how Motorola combated insider threats in our case study.

