A Majority of Companies Suffer Multiple Insider Cyberattacks
October 16, 2024
According to an annual report cited in Dark Reading, the number of insider cyberattacks is staggering. In 2023, 60 percent of organizations reported insider cyber breaches or cyberattacks; the number was even higher—83 percent—in 2024.
Over that same one-year period, the percentage of respondent organizations reporting between six and ten attacks rose from 13 percent to 25 percent.
The Dark Reading article by associate editor Kristina Beek is largely based on annual survey research from Gurucul, a risk detection and cybersecurity company. Insider cyberattacks are broadly defined to include risks originating from contractors and partners, as well as “risks originating from individuals within an organization who have authorized access to systems and data but misuse that access, either maliciously or unintentionally.”
According to Gurucul’s research, the increasing complexity and interconnectedness of corporate tech systems and their data and the resulting expansion of the “attack surface “are among the drivers of insider threats.
Other contributing factors include a chronic shortage of in-house IT staff, overworking those in place, and “gaps in insider risk management.” Those gaps are said to include insufficient employee monitoring, weak policy enforcement, and “executive management and policy issues.”
Gurucul also examined the costs of remediation following insider attacks. Remediation was broadly defined to include “reputational damage control,” fines and legal fees, system restoration, and data recovery.
The writer notes that these costs often reach “eyewatering heights.” About a third of respondent organizations pegged them at between $100,000 and $499,000, while at the high end, 21 percent estimated remediation costs at between $1 million and $2 million.
A major takeaway from the Gurucul research is the stark reality that the cost of prevention, almost regardless of how much it proves to be, will likely be dwarfed by the cost of remediation.
Critical intelligence for general counsel
Stay on top of the latest news, solutions and best practices by reading Daily Updates from Today's General Counsel.
Daily Updates
Sign up for our free daily newsletter for the latest news and business legal developments.