sb-as logo
Story image

Average cost of insider attack $2 million - Bitglass

The average cost of an insider attack within an enterprise is as much as $US2 million, according to a new report from Bitglass.

The company has released its 2020 insider threat report, which uncovers the state of enterprise security over insider threats. 

According to the findings, enterprises report that the average cost of an insider attack is as much as $US2 million, and employees, whether careless or malicious, can pose a great risk to organisations. 

A majority of survey respondents (61%) reported at least one insider attack over the past 12 months (22% reported at least six separate attacks).

Bitglass partnered with a leading cybersecurity community and surveyed IT professionals to understand how their businesses balance budgetary and data protection concerns while defending against insider threats.

"Businesses are currently undergoing seismic shifts, including rapid migrations to the cloud and widespread adoptions of remote work and BYOD (bring your own device) policies," Bitglass says.

"Along with these trends, securing against insider threats has become increasingly challenging."

Most organisations cannot guarantee that they can detect insider threats stemming from personal devices (82%) or the cloud (50%), while 81% find it difficult to assess the impact of insider attacks, the report shows.

Despite these concerns, few respondents have a single platform that delivers complete, unified visibility and control for any interaction.

The report found that when dealing with multiple disjointed tools that provide disparate levels of protection, security professionals spend an inordinate amount of time managing each of the solutions individually.

As such, 49% of respondents stated that at least one week typically goes by before insider attacks are detected; additionally, 44% said that another week usually passes before the organisation recovers from the attacks.

While organisations were already working with constrained security budgets before the pandemic, security teams are now being asked to do even more with less. 73% of companies’ security budgets are decreasing or staying flat over the next year.

“Enterprises report that loss of critical data and disruption to business operations are the biggest repercussions of insider attacks,” says Anurag Kahol, CTO of Bitglass. 

“Along with brand damage, remediation costs, legal liabilities, and loss of revenue, these are serious ramifications that must be prevented. 

"Enterprises need a multi-faceted security platform that is designed to monitor user behaviour, secure personal devices, deliver maximum uptime and cost savings, and prevent leakage on any interaction. Only then can they defend against insider threats.”

Story image
Global attack volume down, but fraud and cyber threats still going strong
“The move to digital, for both businesses and consumers, has been significant. Yet with this change comes opportunity for exploitation. Fraudsters look for easy targets: whether government support packages, new lines of credit or media companies with fewer barriers to entry."More
Story image
Video: 10 Minute IT Jams - The benefits of converged cloud security
Today, Techday speaks to Forcepoint senior sales engineer and solutions architect Matthew Bant, who discusses the benefits of a converged cloud security model, and the pandemic's role in complicating the security stack in organisations around the world.More
Story image
The guide to digital security in unstable times
An increase in vulnerability across different sectors has meant that 2020 has seen more than its fair share of cybersecurity incidents. One of the most effective ways to combat the perils of today’s cyber-threats is to gain a better knowledge of the threat vectors looming over the heads of organisations. More
Story image
Video: 10 Minute IT Jams - Who is CrowdStrike?
Today, Techday speaks to CrowdStrike ANZ channel director Luke Francis about the company's key products and offerings, its upcoming annual security conference, and the infrastructure it leverages in the A/NZ region.More
Story image
Proofpoint and CyberArk extend partnership to further safeguard high-risk users
“Our CyberArk partnership extension provides security teams with increased detection and enhanced adaptive controls to help prevent today’s most severe threats."More
Story image
Just one click – that’s all it takes to let in cyber-crime
So how do organisations ensure that users are not compromised by simply doing their work?  The answer is surprisingly simple, writes Bufferzone Security business strategist for A/NZ Greg Wyman.More