Home Working Drives 44% Surge in Insider Threats
Insider threats cost organizations an average of over $15m annually to remediate last year, with stolen credentials a growing risk, according to Proofpoint.
The security vendor’s 2022 Cost of Insider Threats Global Report was compiled from interviews with over 1000 IT professionals and analysis of more than 6800 incidents across the globe.
It revealed that the cost and frequency of insider incidents are on the rise. Associated costs jumped 34%, from $11.5m in 2020 to $15.4m in 2021, while the overall volume surged by 44% over the period.
The frequency of incidents per company also increased, with 67% of companies experiencing between 21 and more than 40 incidents per year, up from 60% in 2020.
Negligence continues to account for the majority (56%) of insider threats, at the cost of nearly $485,000 per incident.
Failure to ensure devices are properly secured or patched and not following corporate security policy are typical issues that have exposed organizations over the past year. They’re especially prevalent as many employees now work from home, where it’s often harder for IT teams to enforce policy effectively.
That’s resulted in a near-doubling of credential theft incidents since 2020, at a cost to organizations of $804,997 per incident.
However, malicious intent is also a major cause of insider threats, accounting for a quarter (26%) of incidents at an average cost of $648,000 to remediate. Once again, the work-from-home (WFH) mandate has driven this trend, allowing employees more remote access to sensitive data, according to Proofpoint.
Ryan Kalember, EVP of cybersecurity strategy at Proofpoint, described people as the “new perimeter” in the fight against spiraling cyber-risk.
“Months of sustained remote and hybrid working leading up to ‘The Great Resignation’ has resulted in an increased risk around insider threat incidents, as people leave organizations and take data with them,” he argued.
“In addition, organizational insiders, including employees, contractors and third-party vendors, are an attractive attack vector for cyber-criminals due to their far-reaching access to critical systems, data and infrastructure.”
Unfortunately, current efforts to detect insider risk appear to be failing: it now takes an average of 85 days to contain an insider incident, up from 77 days in 2020.
More Stories
CISA Launches Playbook to Boost AI Cybersecurity Collaboration
CISA launched the JCDC AI Cybersecurity Playbook to enhance collaboration on AI cybersecurity risks Read More
Multi-Cloud Adoption Surges Amid Rising Security Concerns
A new report from Fortinet reveals increased adoption of multi-cloud strategies and hybrid implementations combining on-premises and public cloud infrastructure...
Chinese PlugX Malware Deleted in Global Law Enforcement Operation
The FBI deleted Chinese PlugX malware from thousands of devices in the US, using a technique developed by French cybersecurity...
Illicit Crypto-Inflows Set to Top $51bn in a Year
Chainalysis estimates threat actors made at least $51bn through crypto crime in 2024 Read More
Phishing False Alarm
A very security-conscious company was hit with a (presumed) massive state-actor phishing attack with gift cards, and everyone rallied to...
Fortinet Confirms Critical Zero-Day Vulnerability in Firewalls
The security provider published mitigation measures to prevent exploitation Read More