- Kathleen Richards, Information Security
A new insider threat report found credential theft costs more than twice as much to resolve as incidents involving insider negligence by employees and contractors. Negligent insiders are the "root cause" of most reported events and represent the highest total annual cost to companies, according to researchers. However, imposters who steal credentials cost organizations an average of $648,846 per incident, compared to $283,281 for a security event involving carelessness.
The Ponemon Institute study "2018 Cost of Insider Threats: Global Organizations" looked at the direct and indirect costs to companies that experienced one or more material events caused by an insider during a 12-month period ending in January. Researchers interviewed 717 security and IT professionals in 159 organizations located in North America, Europe, Asia-Pacific, the Middle East and Africa. The largest segments of job functions participating in the insider threat report included CISOs (16%), IT operations practitioners (14%), IT technicians (13%) and CIOs (11%).
The 159 benchmarked companies experienced a total of 3,269 insider threat incidents during the 12-month timeframe, with a total average cost of $8.76 million, according to those surveyed. The insider threat report looked at costs related to loss of data and intellectual property, downtime and productivity loss, damages to equipment and assets, threat detection and remediation, legal and regulatory impact, and diminishment of brand and reputation. The costs were analyzed using an activities-based framework that included monitoring and surveillance, escalation, incident response, containment, investigation, remediation and post-event analysis. Not surprisingly, the total annual cost increased with the size of the company in terms of headcount, from $1.8 million at smaller organizations with 500 or fewer employees to $20 million at global organizations with 75,000 employees or more.
Ponemon's latest insider threat report followed a North American benchmark study the research firm conducted in 2016. According to the 2018 research, North American companies reported the highest number of insider threat incidents, and Asia-Pacific companies indicated the lowest. The 2018 insider threat report was sponsored by ObserveIT.