Proofpoint released its global threats study in 2020. The report shows that organizations spend an average of 12 million dollars annually on addressing insider threats and take more than two months to process such incidents.
The study analyzed the costs and trends associated with negligent behavior, compromised accounts and malicious insider threats from employees, former employees, and contractors. The study, conducted on behalf of Proofpoint, surveyed nearly 1,000 IT security experts around the world. Each of the companies surveyed had to complain of at least one cyber incident that was caused by employees or former employees. Over the past two years, the frequency and cost of insider threats have increased dramatically in the following three categories.
Cyber Threats Must Be A Key Concern For Businesses Worldwide
Insiders in companies such as employees, contractors and third-party providers are attractive targets for cybercriminals. This is particularly so since they often have extensive access to critical systems, data and infrastructure. Because users today typically work in multiple applications and systems, companies should implement a multi-tier security solution. This includes among other things, a dedicated solution for the management of insider threats and appropriate training for employees to raise their awareness of the dangers that cybercriminals pose today.
The larger the organization, the more insider events occur. For large organizations with more than 100,000 employees, their costs averaged almost 20 million last year. In contrast, smaller organizations with fewer than 500 employees spent an average of 8 million.
The most expensive was the resolution of insider-related financial services incidents. In this market segment, companies spent more on eliminating insider threats per incident than in any other industry: The average effort over the past two years has been 15 million. For utilities, this was 12 million dollars in retail, an increase of almost 40 percent in two years.