Intelligent Tech Channels Issue 49 | Page 40

data and information. A total of an average 1,247 incidents (or 18%) involved cybercriminals stealing credentials.
• The time to contain an insider incident increased from the last study. It takes an average of nearly three months (85 days) to contain an insider incident, up from 77 days in the previous study. Incidents that took more than 90 days to contain cost organisations US$17.19 million on an annualised basis, while incidents that lasted less than 30 days cost an average of US$11.23 million.
• Financial services and professional services have the highest average activity costs. The average activity cost for financial services is US$21.25 million and professional services is US$18.65 million. Service organisations represent a wide range of companies including accounting, consultancy and professional service firms.
• Organisational size affects the cost per incident. The cost of incidents varies according to organisational size. Large organisations with a headcount of more than 75,000 spent an average of US$22.68 million over the past year to resolve insider-related incidents. To deal with the consequences of an insider incident, smaller-sized organisations with a headcount below 500 spent an average of US$8.13 million.
• North American companies are spending more than the average cost on activities that deal with insider threats. The total average cost of activities to resolve insider threats over a 12-month period is US$15.4 million. Companies in North America experienced the highest total cost at US$17.53 million. European companies had the next highest cost at US$15.44 million.

With people now the new perimeter, we recommend layered defences, including a dedicated insider threat management solution and strong security awareness training.

Five signs that your organisation is at risk:
• Employees are not trained to fully understand and apply laws, mandates, or regulatory requirements related to their work and that affect the organisation’s security.
• Employees are unaware of the steps they should take to ensure that the devices they use – both company-issued and BYOD – are secured at all times.
• Employees are sending highly confidential data to an unsecured location in the cloud, exposing the organisation to risk.
• Employees break your organisation’s security policies to simplify tasks.
• Employees expose your organisation to risk if they do not keep devices and services patched and upgraded to the latest versions.

Dr Larry Ponemon, Chairman and Founder of the Ponemon Institute, said: “Insider threats continue to climb, both in frequency and remediation cost. That said, we are seeing the risk of malicious insider threats increase – with more users accessing business data from outside the confines of the office. This can blur the security team’s ability to identify and differentiate between well-meaning employees and malicious insiders trying to siphon sensitive business data.”