The cost of an insider-related breach has escalated to over $8.7m, according to the latest research from the Ponemon Institute.
The analyst was commissioned by ObserveIT to poll 700 IT and security practitioners around the world in order to compile the 2018 Cost of Insider Threats study.
While the cost of an insider security incident stood at nearly $8.8m, the average global cost of a regular breach according to IBM is $3.6m, less than half.
An insider threat also takes more than two months on average to contain, according to the report.
Most respondents (64%) said negligent employees accounted for the majority of incidents, followed by malicious insiders (23%).
All types of insider threat activity are increasing. Since 2016, the average number of incidents involving malicious insiders has soared by 53%, while employee/contractor negligence has increased by 26%. The average number of credential theft incidents has more than doubled over the past two years, increasing by 170%.
That’s fuelling an increase in imposter attacks – the most expensive type of insider incident at an average of $648,846. This is followed by malicious insider incidents ($607,745) and contractor negligence ($283,281).
“Insider threats continue to threaten organizations across the globe, ultimately resulting in loss of mission critical data, downtime and lost productivity, and even reputational damage,” said ObserveIT CEO, Mike McKee.
“Understanding the growing costs and time associated with preventing and managing insider threats, organizations need to invest in a holistic cybersecurity solution to assist with real-time detection, deterrence, education and prevention.”
The latest Verizon DBIR found that insiders were to blame for more than a quarter (28%) of all breaches analyzed and that user error was a factor in 17% of breaches.
A separate report from Gemalto released recently also highlighted the dangers of negligent insiders.
Although accidental loss was the cause of just 18% of data breaches, it accounted for 76% of the total 2.6bn records compromised over the previous year, the security vendor claimed.