Insider threats are on the rise. To substantiate it, a new study from The Ponemon Institute has highlighted that cybersecurity incidents caused due to such threats have increased by a whopping 47% since 2018. This, in turn, has caused organizations across all sectors to spend an average of $11.45 million annually to remediate such security incidents caused by careless or malicious insiders. Overall, organizations are spending 60% more to recover from insider threats in comparison to what they paid three years ago.
What does the study comprise of?
The study involves companies located in North America, Europe, the Middle East, and the Asia-Pacific region.
For a more detailed analysis, the incidents are split into three different categories of threat:
Time for rectification also increases
Researchers further found that incidents that take more than 90 days to contain have caused organizations to lose around $13.71 million on an annual basis. However, the incidents that lasted for less than 30 days has cost organizations roughly $7.12 million per year. Meanwhile, it takes an average of more than two months to contain an insider threat.
The bottom line
According to the report, the costs are driven by monitoring and surveillance, investigation, escalation, incident response, containment, ex-post analysis, and remediation. While containment and remediation represent the most expensive activity centers for insider threats, the least expensive activities are ex-post analysis and escalation. The researchers note that investigations are the fastest growing cost center, with the average cost across all incident types rising to 38% in the last two years.