Businesses cannot come up with a mitigation strategy to efficiently detect, identify and manage insider threats, according to research from the Ponemon Institute, so they risk the loss of critical confidential data and resources, network shutdown and reputational damage. In the past year, 159 organizations from the United States, Canada, Europe, Middle East, Africa, and the Asia-Pacific region dealt with 3,269 security breaches caused by insider threats due to plain negligence.
“This research reveals that ignoring the growing threat posed by insiders can be costly for businesses of all sizes and in all industries,” said Dr. Larry Ponemon, Chairman and Founder of Ponemon Institute. “The increasing cost of insider threats – whether caused by negligent or malicious actors – is extremely detrimental for organizations, potentially costing them millions of dollars annually.”
The number of data breaches and security exploits provoked by a careless employee or contractor, a criminal or malicious insider or a credential thief has significantly grown in the past 12 months, and the average cost of an incident has increased to $8.76 million, according to the study. The most expensive incidents were reported in the finance sector, at an average of $12.05 million, followed by energy and utilities ($10.23 million), and industrial and manufacturing ($8.8 million).
The larger the company, the more expensive it is to clean up after an insider-related cyberattack. In 2017, for instance, an enterprise with over 75,000 employees spent some $2.081 billion on this type of attack, while significantly smaller organizations spent approximately $1.8 million. What’s worse is that insider threat incidents can go undetected for months before any action is taken against them.
Compared with 2016, the number of insider threats represented by careless employees or contractors has increased 26 percent while the number caused by malicious actors has jumped by 53 percent. Credential theft incidents have also gone up 170 percent. Most often, credential thefts involve an impostor risk, in which case the cost to contain it doubles to $648,845.
Because IT teams do not immediately detect and manage insider threats, companies end up spending more than two months on preventing further damage and containing a single incident. Only 16 percent were dealt with in less than 30 days, says the report.
Insider threat incidents are costly to deal with from the get-go, so the longer it takes to detect and manage them, the more expensive mitigation gets. This is precisely why organizations should research and understand the amount of resources required to prevent and manage insider threats, and ultimately invest in educational security trainings for all employees, as well as implement an integrated cybersecurity strategy.