The average annual cost of insider risk incidents has risen to $16.2m per organization in 2023, up from $15.4m in 2022, according to DTEX and the Ponemon Institute’s latest Cost of Insider Risks report. This represents a 40% rise over four years.
The research also found that the number of insider incidents has increased to 7343 from 6803 in the past year.
The average number of days taken to contain an incident remained similar in 2023 compared with 2022, 86 days vs 85 days. Containment and remediation represent the most expensive activity centers at $179,209 and $125,221 per incident, respectively.
Unsurprisingly, the costs to businesses rise significantly the longer it takes to respond to an insider incident, with Ponemon and DTEX finding that organizations that took more than 91 days to contain such incidents face annual costs exceeding $18.33m.
Malicious and Non Malicious Insiders
The study identified two categories of insider risk actors. Non-malicious insiders do not seek to cause harm, but do so through negligence, mistakes or being tricked by a malicious actor.
In contrast, a malicious insider does seek to ignore harm, undertaking activities such as IP theft, unauthorized disclosure, sabotage and fraud.
According to the report, which surveyed 1075 security and IT professionals, non-malicious insiders accounted for 75% of incidents. This was made up of either negligence or mistakes (55%), which cost $505,113 on average. or being duped by an external actor (20%).
While malicious insider threats only made up a quarter of incidents, these were significantly more expensive to respond to, costing businesses on average $701,500 per incident.
Investing in Insider Risk Management
Despite the substantial threat posed by insider risks, 88% of organizations surveyed devoted less than 10% of their IT security budget to this area, at an average of 8.2%. The remaining budget was spent on external threats.
In fact, just 6% of organizations said IT security was responsible for insider risk management, and the department most commonly responsible was legal (34%).
Encouragingly, security professionals appear to be aware of this imbalance, with 58% of respondents agreeing that current levels of insider threat management are inadequate, and nearly half (46%) of organizations are planning to increase investment in insider risk programs in 2024.
Over three-quarters (77%) revealed they have started or are planning to start an insider risk program.
Additionally, nearly two-thirds (64%) of respondents said they viewed AI and machine learning technologies as essential or very important in the proactive detection of insider threats.
DTEX Systems CTO Rajan Koo commented: “We are encouraged that organizations plan to increase investments in insider risk programs because it’s required by customers and new industry regulations – not just because of previous incidents. This is a significant change that portends long-overdue attention and prioritization.”