1. Insights into insider threats
1.1. Organizations are most concerned about credential theft
1.2. Negligent employees and credential thieves are the root causes of most insider incidents
1.3. Vulnerable IoT devices are of greatest risk to data loss
1.4. Most sensitive data is in employees’ email
1.5. Malicious insiders use corporate email to steal sensitive data
1.6. As the volume and time to contain insider threats increases, advanced technologies such as user behavior tools and automation are important to helping reduce insider threats
2. Executive Summary
2.1. Credential Theft have almost doubled in number since 2020
2.1.1. Total number of benchmarked organization
2.1.1.1. 278
2.1.2. Total number of incidents
2.1.2.1. 6, 803
2.1.3. Total average of annual cost
2.1.3.1. $15.4M
2.1.4. Incidents relating to negligence
2.1.4.1. 56%
2.1.5. Incidents relating to criminal insider
2.1.5.1. 26%
2.1.6. Incidents relating to user credential theft
2.1.6.1. 18%
2.1.7. Annualized cost for negligence
2.1.7.1. $6.6M
2.1.8. Annualized cost for criminal insider
2.1.8.1. $4.1M
2.1.9. Annualized cost for credential theft
2.1.9.1. $4.6M
2.2. Negligent insider
2.2.1. 56% or 3,807 attacks
2.2.2. costing on average
2.2.2.1. $484,931
2.3. Malicious insider
2.3.1. 26% or 1,749 incidents
2.3.2. average cost per incident
2.3.2.1. $648,062
2.4. Signs that your organization is at risk
2.4.1. Employees are not trained to fully understand and apply laws, mandates, or regulatory requirements related to their work and that affects the organization’s security
2.4.2. Employees are unaware of the steps they should take at all times to ensure that the devices they use—both company issued and BYOD—are secured at all times.
2.4.3. Employees are sending highly confidential data to an unsecured location in the cloud, exposing the organization to risk.
2.4.4. Employees break your organization’s security policies to simplify tasks.
2.4.5. Employees expose your organization to risk if they do not keep devices and services patched and upgraded to the latest versions at all times.
3. About the study
3.1. Phases of this research project,
3.1.1. Working sessions to establish areas of inquiry
3.1.2. Recruitment of benchmark companies
3.1.3. Development of an activity-based costing framework
3.1.4. Administration of research program
3.1.5. Analysis of all results with appropriate reliability checks
3.1.6. Preparation of a report that summarizes all salient research findings
4. Benchedmarked Sample
4.1. Industry sectors of participating organizations
4.1.1. Financial Services
4.1.1.1. 17%
4.1.2. Services
4.1.2.1. 13%
4.1.3. Industrial & Manufacturing
4.1.3.1. 12%
4.1.4. Energy & Utilities
4.1.4.1. 11%
4.1.5. Retail
4.1.5.1. 10%
4.1.6. Technology & Software
4.1.6.1. 9%
4.1.7. Health & Pharmaceuticals
4.1.7.1. 6%
4.1.8. Hospitality
4.1.8.1. 6%
4.1.9. Consumer Products
4.1.9.1. 5%
4.1.10. Communications
4.1.10.1. 4%
4.1.11. Education & Research
4.1.11.1. 3%
4.1.12. Transportation
4.1.12.1. 2%
4.1.13. Entertainment & Media
4.1.13.1. 2%
4.2. Interviewees by position level or function
4.2.1. CISO
4.2.1.1. 15%
4.2.2. IT Operations
4.2.2.1. 14%
4.2.3. CIO
4.2.3.1. 12%
4.2.4. ITS Technician
4.2.4.1. 11%
4.2.5. IR Team
4.2.5.1. 9%
4.2.6. Finance & Accounting
4.2.6.1. 7%
4.2.7. SOC Management
4.2.7.1. 6%
4.2.8. CTO
4.2.8.1. 6%
4.2.9. CSO
4.2.9.1. 6%
4.2.10. Risk Management
4.2.10.1. 5%
4.2.11. Compliance
4.2.11.1. 4%
4.2.12. Analysts
4.2.12.1. 3%
4.3. Regional distribution of global organizations
4.3.1. North America
4.3.1.1. 44%
4.3.2. Europe
4.3.2.1. 27%
4.3.3. Middle East & Africa
4.3.3.1. 10%
4.3.4. Asia-Pacific
4.3.4.1. 19%