In a recent study conducted by the Ponemon Institute, the average annual cost of insider cybersecurity threats has surged to $16.2 million over the past 12 months, marking a significant 40% increase over the last four years. The findings shed light on the growing financial challenges organizations face in combating insider risks and underscore the need for enhanced cybersecurity strategies.
The report indicates that the most substantial costs associated with insider risks are incurred after the incident has occurred, with containment and remediation the most expensive activities at $179,209 and $125,221 per incident, respectively. Notably, the average time required to contain an insider incident has risen to 86 days, reflecting the prolonged effort organizations must invest in dealing with the aftermath of an insider threat.
The study also notes that external attackers increasingly rely on deceiving insiders as a “go-to tactic” for stealing credentials and gaining access to critical data. Stolen credentials were involved in 20% of incidents, with an average annualized cost of $4.2 million, slightly down from $4.6 million in 2022. The report emphasizes the need for robust security measures to protect sensitive information against such tactics.
Employee negligence or mistakes, such as failing to secure devices, not following the company’s security policy, or neglecting to patch and upgrade, accounted for 55% of cyberattacks covered in the report, with an average annual remediation cost of $7.2 million, up from $6.6 million in 2022.
Malicious insiders, that is, employees or other authorized individuals who use their access to data for harmful, unethical, or illegal purposes, accounted for 1,874 incidents (25%), costing an average of $701,500 per incident. The average annual cost of incidents caused by malicious insiders was $4.8 million, up from $4.1 million in 2022.
Total potential losses from cyberattacks and cyber fraud surged 48% last year to $10.2 billion from $6.9 billion in 2021, according to the FBI. The FBI’s Internet Crime Complaint Center received 21,832 complaints involving fraud attempts via “business email compromise” scams in particular, with adjusted losses totaling over $2.7 billion.
Fraudsters use such scams to compromise legitimate business email accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds. Social engineering refers to manipulation techniques designed to exploit human behavior and error to gain access to valuable information or assets.
“As fraudsters have become more sophisticated and preventative measures have been put in place, the BEC scheme has continually evolved in kind,” the report said. “The scheme has evolved from simple hacking or spoofing of business and personal email accounts and a request to send wire payments to fraudulent bank accounts.”
Despite the growing cost of insider risks, 88% of organizations spent less than 10% of their total IT security budget on insider risk management, according to the Ponemon study.
“This highlights a widespread misunderstanding of the types of insider risks and the failure to proactively protect customer data and IP [intellectual property],” Rajan Koo, chief technology officer of DTEX Systems, said in a press release.