• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Subscribe
  • Project of the Week
  • About Us
    SEARCH
Compliance, IT Infrastructure, Network Security, News

Both Negligent and Malicious Insider Cyber Threats Are Increasing

Proofpoint survey shows that cybercriminals are increasingly relying on credential theft while malicious insider threats grow.

January 25, 2022 Zachary Comeau Leave a Comment

Insider Risk, Microsoft
stock.adobe.com/leowolfert

For the last two years as organizations adapt with remote work and other effects of the COVID-19 pandemic, cybercriminals have had a field day by exploiting weaknesses in distributed work security and the fact that our attention is elsewhere.

That has forced many companies to invest in new technology to harden network defenses from outside threats, but a new report from cybersecurity firm Proofpoint suggests insider threats are also costing organizations dearly as companies deal with an unmotivated workforce stemming from the pandemic.

The report, “2022 Cost of Insider Threats Global Report,” says negligent insiders are the root cause of 56% of incidents, with credential thefts almost doubling and becoming the costliest attack to remediate at an average of over $800,000 each.

The report, a survey of more than 1,000 IT and IT security professionals across North America, Europe, Middle East, Africa and Asia-Pacific in conjunction with the Ponemon Institute, shows that the frequency and associated cost of insider threats has increased dramatically over the last two years, including carelessness or negligence, malicious insiders and cybercriminal credential theft.

Annually, impacted organizations spend an average of $15.4 million on overall insider threat remediation, an increase of 34% from 2020.

In addition, the overall number of insider threats has skyrocketed, increasing by 44% in the last two years. Now, 67% of organizations are reporting between 21 and more than 40 incidents per year, which is up from 60% in 2020.

Credential theft continues to be a thorn in the side of IT security professionals, with those incidents being the costliest to mitigate at about $805,000 each. Those account compromises make up 18% of insider-based attacks, the report found.

Read Next: Your Guide to Implementing a Zero Trust Network Architecture

While negligence led to the bulk of cyberattacks that leveraged an insider, even more alarming are the increasing threats from malicious insiders. According to the study, malicious or criminal insiders were behind just over a quarter of incidents, with an average cost of just under $650,000.

However, when asked about which incidents they are most concerned about, IT pros indicated credential stealing by hackers far outweighs malicious or negligent insiders by marks of 55%, 24% and 21%, respectively.

Proofpoint’s survey echoes similar findings from cybersecurity company Hitachi ID, which released a survey this month in which 65% of IT professionals polled say employees in their organization have been approached (mostly via email) to assist with a ransomware attack, a 17% increase from a similar survey run in the fall of 2021.

Regardless of how insider threats originate, Proofpoint calls on organizations to gain visibility and context into data movement to help accelerate detection and response times. Proofpoint also urges companies to evaluate the organization’s risk and develop a dedicated insider threat program.

Ryan Kalember, executive vice president of cybersecurity strategy at Proofpoint, says months of sustained remote and hybrid work as well as The Great Resignation has resulted in increased risk round insider threats as employees leave and take data with them.

“In addition, organizational insiders, including employees, contractors, and third-party vendors, are an attractive attack vector for cybercriminals due to their far-reaching access to critical systems, data, and infrastructure,” he says. “With people now the new perimeter, we recommend layered defenses, including a dedicated insider threat management solution and strong security awareness training, to provide the best protection against these types of risks.”

Tagged With: Cybersecurity

Related Content:

  • IT news, This Week in it, Microsoft 365, Hive ransomware, iOS 16.3, AltspaceVR, RMM software This Week in IT: Microsoft Outage, VR, Cyberattacks,…
  • Cloud Security, Varonis Varonis Launches Automated Posture Management
  • Atera, OpenAI Atera Launches OpenAI Integration for IT Script Generating
  • Cisco New York office, hybrid workplace, hybrid meeting Take This Short Survey on Collaboration Technology

Free downloadable guide you may like:

  • Harnessing the Power of Digital SignageHarnessing the Power of Digital Signage

    Choosing the best solutions for messaging, branding, and communicating in today’s content-everywhere landscape

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Harnessing the Power of Digital Signage
Harnessing the Power of Digital Signage

Choosing the best solutions for messaging, branding, and communicating in today’s content-everywhere landscape

Blueprint Series Cover: What works for hybrid work
Blueprint Series: What Works for Hybrid Work

Download this free resource to learn about how IT leaders can effectively manage and implement a hybrid work model.

Guide to creating a ransomware response plan download
Blueprint Series: Creating a Ransomware Response Plan

Chances are ransomware hackers are researching your company right now. They’re investing time and money to choose the most profitable targets and a...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Media Solutions & Advertising
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSTERMS OF USEPRIVACY POLICY

© 2023 Emerald X, LLC. All rights reserved.