Organisations in Middle East spend more than global average on insider threats

INSUBCONTINENT EXCLUSIVE:
Organisations in the Middle East spent more than the global average of $11.45m annually on overall insider threat remediation.The region
commissioned with The Ponemon Institute and co-sponsored by IBM, the frequency and costs associated with insider threats over the last two
years increased dramatically across all three insider threat categories, including careless or negligent employees/contractors, criminal or
malicious insiders, and cybercriminal credential theft.The targeted organisations in the survey were businesses with a global headcount of
Middle East have experienced the highest number of insider-related incidents over the past 12 months, and are likely to experience
organisations in the Middle East to build a culture of cybersecurity among their employees by putting in place cybersecurity awareness
31% increase from $8.76 million in 2018 to $11.45 million in 2020.Also, the number of incidents has increased by a staggering 47% in just
two years, from 3,200 in 2018 (Ponemon) to 4,700 in 2020.The data show that insider threats are still a lingering and often under-addressed
cybersecurity threat within organisations, compared with external threats.More than 60% of reported insider threat incidents were the result
of a careless employee or contractor and 23% were caused by malicious insiders.A total of 14% of all insider threat incidents involved
cybercriminals stealing credentials.The report showed that it takes an average of 77 days to contain each insider threat incident while only
incidents involving employee or contractor negligence has increased from 13.4 to 14.5 per organisation.The average number of credential
theft incidents has tripled over the past two years, from 1.0 to 2.9 per organisation
That said, 60% of organisations had more than 30 incidents per year.The cost of incidents varied according to organisational size as large
organisations (with a headcount of more than 75,000) spent an average of $17.92m over the past year to resolve insider-related incidents.To
deal with the consequences of an insider incident, smaller-sized organisations (those with a headcount below 500) spent an average of
$7.68m.The fastest-growing industries for insider threat were retail (38.2% increase in two years) and financial services (20.3% increase in
including employees, contractors, and third-party vendors, are an attractive attack vector for cybercriminals due to their far-reaching
access to critical systems, data, and infrastructure
Given that users regularly work across a wide range of applications and systems, we recommend layered defences, including a dedicated