Annual Cost of Insider Cybersecurity Incidents Has Risen 31% in 2 Years

The frequency of cybersecurity incidents caused by insiders has increased by 47% in the past two years, and the average annual global cost of those incidents has increased by 31% over the same period, according to new research conducted by the Ponemon Institute. The average annual cost of insider incidents is now $11.45 million.

The research was conducted for the 2020 Cost of Insider Threats study on behalf of the Proofpoint company, ObserveIT. For the study, 964 IT and security professionals at 204 organizations in North America, Europe, Africa, the Middle East and Asia-Pacific were surveyed.

Insider incidents were divided into three categories: incidents that resulted from mistakes made by employees (negligent insiders); incidents deliberately caused by employees and contractors to harm the company (criminal insiders); and incidents involving the use of insiders’ login details to gain access to applications, systems, and data (credential insiders).

In the past 12 months, 4,716 insider incidents occurred. Incidents caused by credential insiders were the costliest to resolve. The average cost of credential insider attacks was $871,000 per incident and $2.79 million per year. Attacks by criminal insiders cost an average of $756,000 per incident and $4.08 million a year, and incidents caused by negligent insiders cost an average of $307,000 per incident and $4.58 million per year. Negligent insiders were behind 62% of incidents, 23% of incidents were attributed to credential insiders, and 14% were due to criminal insiders.

Organizations are spending 60% more dealing with insider incidents than they were three years ago, and costs have increased by 25% since 2018. The fastest rising cost is investigating insider incidents, with this cost center increasing by 86% in the past three years. The study revealed the highest cost is containing attacks, with an average organization cost of $211,533 per year.

On average, it takes 77 days to contain an incident, and the longer it takes, the higher the cost. Incidents that took less than 30 days to contain cost an average of $7.12 million, and incidents that took longer than 90 days to contain cost an average of $13.71 million.

The cost of the incidents increases with the size of the company. Organizations with more than 75,000 employees faced the highest costs from insider incidents with an average of $17.92 million spent dealing with insider incidents in the past 12 months. Organizations with 500 or fewer employees spent an average of $7.68 million dealing with insider incidents.

The annual costs of insider incidents varied considerably by industry sector. Organizations in the financial services sector spent an average of $14.5 million in the past year on insider incidents and the lowest costs were in education and research, with annual costs of $8.85 million. The health and pharmaceutical sector spent an average of $10.81 million in the past year on insider incidents.

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.