I love some of the Ponema research and this 2022 piece on insider threat is no different.

Insider threat is something we’ve all dealt with. We’ve had it, and I’m certain every LinkedIn reader has had to deal with an insider threat, or knows someone who has.

In 2022, Ponema did a survey on Insider Threat where they benchmarked 278 organizations about insider threats. The numbers are staggering. Of the 278 organizations:

• They experienced 6803 insider incidents

• $15.4 mil in average annual cost

• 56% of the 6803 were due to negligence (at a cost of $6.6 mil, and $484,931 per incident!)

• 26% were malicious/criminal (costing $4.1 mil, $648,062 per incident)

• 18% were related to user credential theft ($4.6 mil)

Ponema breaks out headcount in the companies, and while this is to be expected, I think they could have done a better job on the distribution of headcount for the survey. 84% of their sample is over 500 employees, but over 90% of the population of American companies have fewer than 20 employees. I’d be really interested in understanding what a 25-person company sees.

Trusted Internet run, as part of our MSSP service, an internally hosted Veriato Cerebral server in a dedicated space, on its own network/circuit, operated outside of our normal SOC. We built it internally specifically for security and operate it in a segmented way… specifically to help companies who otherwise likely couldn’t afford it or don’t trust the cloud.

Insider threat is real. The numbers are massive. And now, with all of the tech layoffs, it will only get worse. Privileged users have access. Layoffs make people unhappy… This is the insider threat perfect storm.