Today, I’m pleased to share some of the key findings from the 2020 Cost of Insider Threats Global Report. This is the third benchmark study, independently sponsored by IBM Security and ObserveIT to help understand the direct and indirect costs that result from insider threats. The first study was conducted in 2016 and focused exclusively on companies in the U.S.
In the 2020 study, we interviewed companies located in North America, Europe, the Middle East and the Asia-Pacific region. In the context of this research, an insider threat is defined as:
a careless or negligent employee or contractor,
a criminal or malicious insider, or
a credential thief.
Download the 2020 Cost of Insider Threats Report .
This year, we interviewed 964 IT and security practitioners to understand the costs associated with insider threats across the three primary insider threat profiles at 204 enterprise organizations. We found, on average, that the global average cost of an insider threat is $11.45 million. The frequency of insider incidents has tripled since 2016 from one to 3.2 per organization, and these 204 organizations experienced a total of 4,716 insider incidents over the past 12 months.
Highlights From the Cost of Insider Threats Report
The cost of insider incidents varies according to organizational size. Large organizations with a headcount of more than 75,000 spent an average of $17.92 million over the past year to resolve insider-related incidents.
The three largest industries affected were financial services, services, and technology and software. gaining insight ponemon institute insider threats report
