Organizations dealing with insider threats spent $15.4 million on average during 2021, a 34% increase from 2020, and required 85 days to contain each incident, according to a survey of 1,000 information technology and security professionals released on Jan. 25.
The survey, conducted by the Ponemon Institute and sponsored by enterprise security firm Proofpoint, documented 6,803 total insider incidents, including those caused by negligent employees, malicious insiders, and the theft of credentials by outside hackers. Because companies have accelerated their move to cloud services in the wake of the pandemic, the theft of credentials has become a more common — and the most expensive — insider threat, nearly doubling in frequency over the previous year.
Over the last 12 months, more than half of insider threat security incidents, 56%, were caused by negligent or careless employees, according to research conducted by Ponemon Institute and sponsored by Proofpoint. The report, released Tuesday, surveyed more than 1,000 IT and IT security professionals globally in organizations that experienced at least one material event from an insider.
Global Cybersecurity Study: Insider Threats Cost Organizations $15.4 Million Annually, up 34 Percent from 2020
Proofpoint, Inc., a leading cybersecurity and compliance company, today released its 2022 Cost of Insider Threats Global Report to identify the costs and trends associated with negligent, compromised, and malicious insiders. Notably, on average, impacted organizations spent $15.4 million annually on overall insider threat remediation and took 85 days to contain each incident.
The Report, independently conducted by Ponemon Institute, is issued every two years and is now in its fourth edition. It surveyed over 1,000 IT and IT security practitioners across North America, Europe, Middle East, Africa, and Asia-Pacific. Each organization included in the study experienced one or more material events caused by an insider. The Report reveals that over the last two years, the frequency and costs associated with insider threats have increased dramatically across all three insider threat categories: careless or negligent employees/contractors, criminal or malicious insiders, and cybercriminal credential theft.
To significantly reduce the risk of non-malicious insider breaches, employees should receive extensive security awareness training. This has become even more vital following the shift to remote working, with staff often without easy access to their IT team. Leaseweb UK’s Storrar commented: “Lack of education and human error are two of the largest causes of data breaches, and it is easy for an employee to unknowingly fall into the trap of poor security practices outside the office walls. This might be something as basic as storing confidential documents on a personal device, reusing passwords or forgetting to update software. The good news is that these are relatively simple to fix through training that encourages all employees to take responsibility for the safety of the data they use.”
Security experts have stood up for cybersecurity whistleblowers after a report on Monday claimed a senior employee at a well-known carmaker was fired after raising concerns about fraud.
The Volkswagen staffer was dismissed weeks after raising the alarm about possible vulnerabilities in the company’s payments platform, Volkswagen Payments SA, which JP Morgan bought a 75% stake in back in September 2021.
That same month, the VW employee told managers they were concerned about a potential “fraud event” that had recently taken place, and suggested the need for internal “kill switches” to limit the damage from such events.
Trade Secret Misappropriation Not Sufficiently Pleaded Where Defendant Possessed but Did Not Threaten to Disclose Trade Secret Information in Southern District of New York Case
Last year, the U.S. District Court for the Southern District of New York addressed an issue of first impression concerning what constitutes “misappropriation” under the Defend Trade Secrets Act (DTSA) in a decision potentially relevant to cases involving allegations of trade secret misappropriation under the DTSA against a former employee. This case is worthy of note for any trade secret practitioner and is an important reminder that when pleading alleged trade secret misappropriation, it is not only important to describe the trade secret with sufficient particularity, but also to sufficiently describe the alleged misappropriation to illustrate the alleged acquisition of the trade secret by improper means or disclosure of the trade secret without consent.