investigation and escalation. All this
before accounting for the costliest part
of the operation: containment.
Containing an insider incident accounts
for one-third of the total costs involved,
at approximately US$211,000, closely
followed by remediation at US$147,000
and incident response at US$118,000.
Unsurprisingly, technology and labour
are the two largest cost categories,
accounting for almost half of the total
outlay between them. This covers
overtime, additional personnel,
contractors and any software and
hardware needed to remedy the situation.
With the scope of a single incident laid
bare, it’s easy to see why insider threats
can be so destructive. Add a potential
PR disaster and damage to reputation
and the stakes are seldom higher.

Total annual costs for negligence-based threats average US$4.58 million.

The most effective way to avoid such
substantial financial consequences
is to minimise the risk of an insider
threat occurring in the first place. While
proactive measures also carry a cost,
it is always better to spend a penny on
prevention than a pound on cure.
Unfortunately, many organisations
are lacking in this area. Training,
while prevalent, is often inadequate
and the methods used are rarely the
most cost-effective.

The current battleground

The recent State of the Phish report
found that 95% of organisations around
the world undertake some form of
cybersecurity training with employees.
Unfortunately, under further examination,
the content, frequency and methods
used are found wanting.
For most employees, security training
totals just three hours over the course
of a year. Many organisations only
train a portion of their users and do
not carry out in-person sessions or
simulated attacks. As a result, much
of the workforce is uneducated about
common cyberthreats. Just 61% could
correctly define phishing, with only 31%
recognising ransomware and 66% familiar
64 Issue 26 | www.intelligentciso.com