Insider threats cost organizations $15.4 million annually

Proofpoint, released its 2022 Cost of Insider Threats Global Report to identify the costs and trends associated with negligent, compromised, and malicious insiders. Notably, on average, impacted organizations spent $15.4 million annually on overall insider threat remediation and took 85 days to contain each incident.

The Report, independently conducted by Ponemon Institute, is issued every 2 years and now in its fourth edition. It surveyed over 1,000 IT and IT security practitioners across North America, Europe, Middle East, Africa, and Asia-Pacific. Each organization included in the study experienced one or more material events caused by an insider. The Report reveals that over the last two years, the frequency and costs associated with insider threats have increased dramatically across all three insider threat categories, including: careless or negligent employees/contractors, criminal or malicious insiders, and cybercriminal credential theft.

“Months of sustained remote and hybrid working leading up to “The Great Resignation” has resulted in an increased risk around insider threat incidents, as people leave organizations and take data with them,” said Ryan Kalember, executive vice president of cybersecurity strategy at Proofpoint. “In addition, organizational insiders, including employees, contractors, and third-party vendors, are an attractive attack vector for cybercriminals due to their far-reaching access to critical systems, data, and infrastructure. With people now the new perimeter, we recommend layered defenses, including a dedicated insider threat management solution and strong security awareness training, to provide the best protection against these types of risks.”

“This year’s report reveals that organizations in the Middle East and Africa have experienced the highest number of insider-related threats over the past 12 months, and are the most likely to experience credential theft”, said Emile Abou Saleh, Regional Director, Middle East & Africa at Proofpoint. “It is therefore imperative that organizations in the region remain alert and foster a strong security culture among its employees through effective and ongoing security awareness training underpinned by a people-centric cybersecurity approach”.

Dr. Larry Ponemon, Chairman and Founder of the Ponemon Institute commented “Insider threats continue to climb, both in frequency and remediation cost. That said, we are seeing the risk of malicious insider threats increase – with more users accessing business data from outside the confines of the office. This can blur the security team’s ability to identify and differentiate between well-meaning employees, and malicious insiders trying to siphon sensitive business data.”

To download the 2022 Cost of Insider Threats Global Report, please visit: