DTEX Systems recently unveiled an analysis emphasizing the causes and financial implications of insider threats. The report indicated that the average annual cost tied to insider risks rose by 40% over a span of four years. Concurrently, it takes about 86 days on average for organizations to manage and contain an insider-related incident.
A notable 46% of companies are looking to bolster their investment in programs that focus on mitigating insider threats by 2024. The findings revealed that a whopping 77% of enterprises have either started or are contemplating starting an insider threat management initiative.
However, a striking disparity exists in budget allocation. While the threat from insiders looms large, 88% of companies allotted less than a tenth of their IT security financial resources to insider threat management. The vast majority of the IT security budget, approximately 91.8%, was channeled towards countering external threats. This is surprising given that a significant number of companies identified social engineering techniques as primary catalysts for most external breaches.
The report provides a breakdown of spending in the insider risk management sector. About 10% of the allocated budget, which translates to an average of $63,383 for every incident, was designated for proactive measures. This includes $33,596 dedicated to oversight and surveillance and another $29,787 for post-event assessment. This latter category encompasses efforts to avert potential insider-related disruptions in the future and the strategies devised to relay recommendations to pivotal company stakeholders. In stark contrast, the lion’s share of the budget, approximately 90% or an average of $565,363 per incident, was reserved for costs associated with managing the aftermath of an incident. These costs encompass containment, remediation, in-depth investigation, incident response, and escalation.
The figures are intriguing given that a typical organization reserves merely 8.2% of its IT security funds for insider threat programs. A majority, 58% in fact, feel the current financial allocation is insufficient, with 46% predicting an upward revision in the upcoming year. Furthermore, 77% of enterprises are either in the process of launching or are considering the launch of a dedicated program to address insider risks.
The analysis also highlighted the nature of insider threats. About 75% of those surveyed attributed insider threats to inadvertent actions rather than malicious intent. This encompasses employees who unintentionally err (55%) and those manipulated by external entities (20%). Additionally, 53% of companies recognized social engineering tactics, which include phishing and deceptive business communications, as the main culprits behind external breaches.
As companies realize the gravity of insider risks, over half (52%) of the enterprises with a dedicated insider risk management framework emphasize the importance of strong organizational support for such initiatives. Moreover, 51% maintain a specialized team comprising representatives from legal departments, human resources, IT security, and core business operations.
Innovative technologies also play a crucial role in addressing these challenges. One in three organizations deems artificial intelligence and machine learning fundamental tools for managing insider incidents. Meanwhile, 31% consider these technologies to be of paramount importance.