Ponemon Institute Assesses the Cost of Insider Threats

A recently published Ponemon Institute study examines the cost of insider threats and quantifies exactly how much insider data breaches cost to resolve. The study examined three types of threats: careless employees and contractors, malicious insiders, and credential thieves.

The Dtex-sponsored study was conducted on 280 IT security practitioners from 54 organizations, 13% of which were from the healthcare industry. Each organization employed more than 1,000 staff members. Those organizations had experienced a total of 874 insider incidents over the course of the previous 12 months.

The benchmarking study revealed the total average cost of insider incidents to be $4.3 million per year. The biggest cause of insider breaches was found to be careless or negligent employees and contractors, which accounted for 68% of all insider incidents. The second biggest cause was criminal insiders, which accounted for 22% of all incidents. 10% of incidents involved user credential theft.

The theft of user credentials may be the least common cause of insider incidents, but the incidents are the costliest to resolve. The average cost of incidents involving the theft of user credentials was determined to be $493,093 per incident. Incidents involving malicious insiders cost an average of $347,130 to resolve, and incidents caused as a result of carelessness or negligence by employees or contractors cost an average of $206,933 per incident to resolve.

The annualized cost of employee/contractor breaches was $2.29 million, incidents involving criminal and malicious insiders cost $1.23 million per year, while incidents involving credential thieves cost $776K a year to resolve.

The larger the organization, the more expensive it was to resolve the incidents. Organizations that employed more than 75,000 staff members spent an average of $7.8 million per year, while organizations employing between 1,000 and 5,000 staff spent an average of $2 million to resolve insider incidents.

The cost of resolving incidents was broken down into a number of different categories: Monitoring & surveillance, investigation, escalation, incident response, containment, ex-post analysis, and remediation. The highest costs for incidents involving criminal insiders and impostors was containment, closely followed by remediation. For incidents caused by negligence, the biggest costs were remediation, followed by incident response.

Kaspersky Lab Study Assesses Cost of Cyberattacks

While the Ponemon Institute was assessing the cost of insider incidents, Kaspersky Lab was assessing the cost of cyberattacks. For the Kaspersky Lab study, 4,000 individuals were asked their opinions on the IT security incidents they have had to deal with. The study was conducted on small, medium, and large organizations from 25 countries.

The study similarly showed the cost of resolving incidents increases with the size of the organization. In the United States, large organizations spent an average of $861,000 to resolve each cybersecurity incident. The average cost to resolve cybersecurity incidents for SMBs was determined to $86,500.

The study showed the cost of resolving cyber security incidents depends on how long it takes to discover the breach. For large organizations, the cost of resolving cyber incidents was found to be 27% higher if the breach was discovered more than a week after it had occurred, compared to the cost if the breach was discovered within 24 hours. For SMBs, the cost of resolution was 44% higher after a week than if the breach was discovered on day 1.

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.