Posted in:

Editor’s View: Coronavirus calls for lock-down on insider threats

Coronavirus-damaged economies mean that the need to maintain a much closer watch on workplace behaviours – and the financial impacts of insider threats – has to be faced up to. By James Hayes.

Enterprise cyber security chiefs will doubtless closely monitor how the emptying of workplaces due to Coronavirus will affect insider threat incident levels. Will increased home working cause more or fewer insider threat incidents?

This is all the more critical at a time when pan-European lock-down is causing severe financial damage to so many of the continent’s commercial organisations. One of the most illuminating of the many cyber security sector reports I have read so far this year brings into stark focus an issue that looks destined to cause many such organisations to review their cyber security strategies, if they have not already done so.

The Cost of Insider Threats Global Report was researched by Ponemon Institute and sponsored by ObserveIT and IBM Security. The study’s headline revelation is that the overall cost of insider threats is rising sharply: a 31% increase from €7.91m in 2018 (Ponemon) to €10.34m in 2020.

In addition, the total number of incidents has increased by a whopping 47% in just two years, from 3,200 in 2018 to 4,716 in 2020. The figures show that insider threats are a persistent, often under-addressed menace within organisations, compared with external threats. It corroborates previous incident polls of cyber security chiefs already convinced that the internal threats are overtaking external ones as the biggest security foe.

The cost of insider threat varies significantly based on the type of incident. Criminal and malicious insiders have cost the organisations surveyed in the research an average of €688,315 per incident. But though malicious incidents are often the most publicised, they comprise less than a quarter – 23% – of incidents overall. Nonetheless, their impact can mount up over the course of the financial year, to cost each organisation an average of €3.69m.

If an instance of insider threat involves a negligent employee or contractor, each incident costs can average €279,704. However, given this type of incident is the most frequent (comprising 62% of incidents), the total costs can add up to an average of €4.14m per year per organisation.

A question that arises from this dire scenario for senior executives is: should a bigger slice of the enterprise cyber security budget now be re-allocated to deal with these internal challenges? Organisations have to face up to the fact that their businesses are under repeated malicious attacks, and that unless the question of insider threats is addressed more forcefully, they will continue to haemorrhage financial lifeblood as a result.

Given the scale of the current Coronavirus emergency, and the way it has caused all of us to reconsider the allowability of several established individual freedoms, c-suites should not balk at the prospect of more openly proactive monitoring of all employees’ IT usage practices and behaviours.

James Hayes is Managing Editor of Cyber Security Europe.