Insider Threat Survival Guide

Preparing for insider attacks, intentional or otherwise, before they happen can significantly reduce detection and response times and limit damage. Insider threats differ from external threats, requiring different training, policies, processes and tools to detect, assess, and respond to intentional and unintentional insider threat activities. Companies should prepare now, because one incident can cost millions.

Why is this guide so important? 

In 2022, insider threats have become more numerous, more expensive to remediate, and more varied, according to research from the Ponemon Institute. Two-thirds of companies (67%) respond to more than 20 insider-threat incidents per year.

• Negligent employees and contractors are the largest source of insider threats, accounting for 56% of all incidents.

• Imposters posing as insiders through stolen credentials is the fast growing threat, accounting for 18% of all incidents.

• The average company spent $15.4 million each year to monitor for, respond to, and remediate insider threat incidents.

Widely considered to be the most damaging type of cyberattack, insider threats have evolved over the past decade to become more numerous and varied. The average company now responds to more than 20 incidents each year, spending an average of $15.4 million to handle and recover from breaches caused by a variety of insider threats, including negligent workers, malicious employees, and imposters using stolen credentials.