Cybersecurity and compliance company Proofpoint has released its 2022 Cost of Insider Threats Global Report to identify the costs and trends associated with negligent, compromised, and malicious insiders.
Notably, on average, impacted organizations spent $15.4 million (£11.4 million) annually on overall insider threat remediation and took 85 days to contain each incident.
The report, independently conducted by Ponemon Institute, is issued every two years and is now in its fourth edition. It surveyed over 1,000 IT and IT security practitioners across North America, Europe, the Middle East, Africa, and Asia-Pacific.
Each organization included in the study experienced one or more material events caused by an insider. The report reveals that over the last two years, the frequency and costs associated with insider threats have increased dramatically across all three insider threat categories, including: careless or negligent employees/contractors, criminal or malicious insiders, and cybercriminal credential theft.
“Months of sustained remote and hybrid working leading up to “The Great Resignation” has resulted in an increased risk around insider threat incidents, as people leave organizations and take data with them,” said Ryan Kalember, executive vice president of cybersecurity strategy at Proofpoint.
“In addition, organizational insiders, including employees, contractors, and third-party vendors, are an attractive attack vector for cybercriminals due to their far-reaching access to critical systems, data, and infrastructure. With people now the new perimeter, we recommend layered defenses, including a dedicated insider threat management solution and strong security awareness training, to provide the best protection against these types of risks.”
Key findings from the 2022 Cost of Insider Threats Global Report include:
- Organizations impacted by insider threats spent an average of $15.4 million annually, up 34 percent from $11.45 million in 2020.
- The overall number of incidents has increased by a staggering 44 percent in just two years. The frequency of incidents per company has also gone up, with 67 percent of companies experiencing between 21 and more than 40 incidents per year, up from 60 percent in 2020.
- The negligent insider is the root cause of most incidents. 56% of reported insider threat incidents were the result of a careless employee or contractor, costing on average $484,931 per incident. This could be the result of a variety of factors, including not ensuring their devices are secured, not following the company’s security policy, or forgetting to patch and upgrade.
- Malicious or criminal insiders were behind 1 in 4 incidents (26%) at an average cost per incident of $648,062. Malicious insiders are employees or authorized individuals who use their data access for harmful, unethical, or illegal activities. Because employees are increasingly granted access to more information to enhance productivity in today’s work-from-anywhere workforce, malicious insiders are harder to detect than external attackers or hackers.