THE REAL COST OF FIGHTING THE INSIDER THREAT
Detecting an insider threat can prove one of the biggest
challenges within the cybersecurity realm. Adenike
Cosgrove, Cybersecurity Strategy, International at
Proofpoint, explores the impact of an insider threat across
an organisation and how to avoid being left with a hefty bill.
Insider threats
are on the rise:
up 47% year-on-year,
in fact. And
organisations are
paying a heavy
price. The annual
cost of insider incidents now stands at
a huge US$11.45 million. That’s a 31%
increase over the last two years.
As with external threats, attackers’
tactics and motives differ. Unlike
outside-in attacks, attackers do not
need to breach defences and many are
unaware they’re a threat at all – making
them hard to profile, harder to detect
and extremely difficult to defend against.
Whether the cause is criminal intent or human error,
the result is the same. Total annual costs
for negligence-based threats average
US$4.58 million, compared to US$4.08
million for those with malicious motives.
Should either result in the loss or theft of
credentials, the cost to an organisation
averages US$2.79 million.
Figures of this magnitude can be difficult
to relate to but for the organisations
behind them, the impact of an insider
threat is incredibly real. Costs quickly
arise from additional labour and
investment in technology, through to
business disruption and revenue loss.
The average financial outlay for a single
incident is estimated at US$307,111
for a negligent threat, US$755,760 if
malicious and US$871,686 if it involves
the loss of credentials.
Insider threats – be they intentional
or not – cannot be entirely avoided.
That’s not to say that businesses must
accept these costs, however. By taking
a proactive approach through cost-effective
tools and training, incidents can
be minimised and costs controlled.
The financial reality of insider threats
As the defence against insider threats
is broad, layered and varied, so too are
the costs involved. From the proactive
(monitoring and surveillance) to the
reactive (post-analysis and remediation),
an insider threat impacts numerous
activity centres across an organisation.
Threats must be thoroughly investigated
to determine the source and scope;
escalation and planning meetings
are required to inform all necessary
stakeholders; and a response strategy
must be put into action. All of this
carries a substantial cost. As a result
of a single insider threat, organisations
spend around US$22,000 on monitoring
and surveillance and US$125,000 on
62 Issue 26 | www.intelligentciso.com