A CISO’s Guide to Rethinking Insider Risk
80% of breaches originate outside of the organization, while only about 20% begin with trusted insiders, according to the Verizon 2022 Data Breach Investigations Report. It’s possible that because many organizations haven’t yet experienced a breach from an insider threat, they perceive external threats as the greater concern.
However, many in the cybersecurity community recognize another truth: the median size of internal breaches, measured in the number of compromised records, is more than 10 times that of their external counterparts, per the same study. Additionally, the costs associated with insider-caused breaches increased by more than a third between 2020 and 2022, with expenses for each individual incident averaging $15.38 million. This makes insider risk a significant and pervasive challenge, especially since insider incidents increased 44% in that same timespan.