Since 2016 the Ponemon Institute has released a yearly report on the cost of insider threats, and this year’s report covered some statistics that may surprise you. Most people think of incidents and breaches as originating from outside the organization. Practitioners, however, know that they cannot focus only on the outsider threat; they must also consider the threat from insiders and how costly it can be.
The Ponemon Institute was able to shine some much-needed light on the cost incurred by more than 700 organizations worldwide. The average annualized cost chart below refers to the total cost of all incidents in a year for the organization, averaged across the organizations studied.
The annual cost of insider incidents averages nearly $9 million, varying from about $2 to $20 million depending on company size. Individual incidents averaged $513,290, including costs from monitoring, investigation, escalation, incident response, containment, ex-post analysis and remediation. The data is from 3,269 incidents reported by 159 companies, with different company sizes and industries well represented. The amount of time invested in cleaning up from these incidents shows how difficult they are: it took an average of 73 days to contain incidents, with only 16% resolved in less than a month. Every one of the numbers and costs of incidents continues to grow each year when compared to previous studies, so the problem is getting worse across the board.
One of the more interesting aspects of the study is that incidents were divided into the three types shown in the chart: employee or contractor negligence, criminal and malicious insider, or credential theft. Negligence accounted for a little under two-thirds of the incidents, but these cost much less per incident, at $283,281. Criminal and malicious insider events averaged $607,745, and events involving credential theft cost $648,845. This means that while there were nearly double the number of incidents from negligence, their average total annualized cost was less than the total cost of the malicious incidents: $3.8M to $4.9M respectively.
The data shows that we have a long way to go in dealing with a continuously growing insider threat. We need to invest in reducing the number and consequence of both negligent and malicious incidents and balance our efforts targeting both. This means following best practices for security of internal systems and key infrastructure such as Active Directory as well as monitoring for threats.
Looking back at these incidents and their high cost to organizations is great for awareness, but the report doesn’t offer solutions; it only quantifies the cost of the problem. For more information on how to proactively minimize the expense associated with insider threats, visit www.stealthbits.com.
Fred Pinkett is VP of Product Strategy at STEALTHbits Technologies responsible for product vision and innovation. With a 20+ year tenure in security and storage, Fred brings extensive Product experience to STEALTHbits. Prior to joining, Fred was Sr. Dir of Product Management at Nasuni, VP of Product Management for Security Innovation, and VP of Product Management at Core Security. He has also held senior product management positions at Pedestal Software, Network Associates, and RSA Security. Mr. Pinkett holds an MBA from Boston College and a Bachelor of Science in Computer Science and Engineering from Massachusetts Institute of Technology.