Intelligent CISO Issue 26 | Page 64

investigation and escalation. All this before accounting for the costliest part of the operation: containment. Containing an insider incident accounts for one-third of the total costs involved, at approximately US$211,000, closely followed by remediation at US$147,000 and incident response at US$118,000.

Unsurprisingly, technology and labour are the two largest cost categories, accounting for almost half of the total outlay between them. This covers overtime, additional personnel, contractors and any software and hardware needed to remedy the situation.

With the scope of a single incident laid bare, it's easy to see why insider threats can be so destructive. Add a potential PR disaster and damage to reputation, and the stakes are seldom higher. Total annual costs for negligence-based threats average US$4.58 million.

The most effective way to avoid such substantial financial consequences is to minimise the risk of an insider threat occurring in the first place. While proactive measures also carry a cost, it is always better to spend a penny on prevention than a pound on cure.

Unfortunately, many organisations are lacking in this area. Training, while prevalent, is often inadequate and the methods used are rarely the most cost-effective.

The current battleground

The recent State of the Phish report found that 95% of organisations around the world undertake some form of cybersecurity training with employees. Unfortunately, under further examination, the content, frequency and methods used are found wanting.

For most employees, security training totals just three hours over the course of a year. Many organisations only train a portion of their users and do not carry out in-person sessions or simulated attacks.

As a result, much of the workforce is uneducated about common cyberthreats. Just 61% could correctly define phishing, with only 31% recognising ransomware and 66% familiar