GITNUXREPORT 2026

Insider Threats Statistics

Insider threats are a costly and widespread risk across all industries.

Written by Priyanka Sharma·Edited by Helena Kowalczyk·Fact-checked by Olivia Thornton

Published Feb 13, 2026·Last verified Feb 22, 2026·Next review: Aug 2026

How We Build This Report

Primary Source Collection

Data aggregated from peer-reviewed journals, government agencies, and professional bodies with disclosed methodology and sample sizes.

Editorial Curation

Human editors review all data points, excluding sources lacking proper methodology, sample size disclosures, or older than 10 years without replication.

AI-Powered Verification

Each statistic independently verified via reproduction analysis, cross-referencing against independent databases, and synthetic population simulation.

Human Cross-Check

Final human editorial review of all AI-verified statistics. Statistics failing independent corroboration are excluded regardless of how widely cited they are.

Statistics that could not be independently verified are excluded regardless of how widely cited they are elsewhere.

Our process →

Statistic 1

The average cost of an insider threat incident is $16.2 million per IBM 2023 Cost of a Data Breach Report

Statistic 2

Insider breaches cost 20% more than external ones at $4.9M average per Ponemon 2022

Statistic 3

Malicious insider attacks average $4.88 million in losses per 2023 IBM

Statistic 4

Negligent insiders cost orgs $1.6M per incident per Proofpoint 2023

Statistic 5

2023 DBIR: Insider incidents lead to $5M avg downtime costs

Statistic 6

Financial sector insider breach avg $5.9M per Ponemon 2023

Statistic 7

44% of insider costs from lost productivity per Deloitte 2022

Statistic 8

Avg remediation time for insider breach: 277 days costing $4.45M per IBM

Statistic 9

Healthcare insider threats avg $10.1M per incident 2023 IBM

Statistic 10

60% of insider breach costs are regulatory fines per Gartner 2023

Statistic 11

Compromised credentials by insiders cost $5M avg per 2023 Verizon

Statistic 12

IP theft by insiders costs US $300B annually per FBI est.

Statistic 13

2022 Ponemon: Avg insider threat lifecycle costs $15M

Statistic 14

Notification costs from insider breaches: $1.5M avg per IBM 2023

Statistic 15

Lost revenue from insider incidents: 30% of total costs per Cybereason 2023

Statistic 16

Malicious insiders cause 2x higher costs than negligent per Proofpoint

Statistic 17

Avg legal fees for insider cases: $2.3M per 2022 Deloitte

Statistic 18

2023 Splunk: Detection failure adds 50% to insider costs

Statistic 19

Brand damage from insider leaks: $25M avg per Ponemon

Statistic 20

SMB insider threats cost $3.3M avg per Cisco 2023

Statistic 21

35% of costs from third-party insiders per Mandiant 2023

Statistic 22

Avg downtime cost per insider incident: $8,600/min per Ponemon

Statistic 23

Forensic investigation for insiders: $1.2M avg IBM 2023

Statistic 24

2023 EY: Insider threats inflate insurance premiums by 25%

Statistic 25

Global avg insider breach cost rose 15% to $4.45M in 2023 per IBM

Statistic 26

85% of orgs lack insider detection tools per Gartner 2023

Statistic 27

Avg detection time for malicious insiders: 85 days per IBM 2023

Statistic 28

UEBA detects 70% more insiders than SIEM per Forrester 2023

Statistic 29

62% undetected due to encrypted channels per Proofpoint 2023

Statistic 30

AI anomaly detection flags 45% early per Microsoft 2023

Statistic 31

77% orgs use behavior analytics per SANS 2023 survey

Statistic 32

False positives in insider tools: 40% per Ponemon 2023

Statistic 33

90% detection improvement with DLP per Varonis 2023

Statistic 34

Network monitoring catches 55% exfils per Darktrace 2023

Statistic 35

68% miss privileged user risks per CyberArk 2023

Statistic 36

ML models reduce MTTD to 14 days per Splunk 2023

Statistic 37

52% use EDR for insiders per CrowdStrike 2023

Statistic 38

Human monitoring detects only 12% per Deloitte 2023

Statistic 39

CASB catches 60% cloud insiders per Netskope 2023

Statistic 40

75% orgs plan AI for insider detection per Gartner

Statistic 41

Log correlation detects 38% methods per Rapid7 2023

Statistic 42

80% evasion via living-off-land per MITRE 2023

Statistic 43

User training improves detection by 25% per KnowBe4 2023

Statistic 44

65% third-party blind spots per Bitsight 2023

Statistic 45

Quantum-ready detection needed for 20% future threats per NIST 2023

Statistic 46

31% of insider threats occur in healthcare per IBM 2023 Cost Report

Statistic 47

Financial services see 28% insider breach rate per Verizon DBIR 2023

Statistic 48

Retail: 25% of incidents from insiders per Ponemon 2022 retail study

Statistic 49

Energy sector: 22% malicious insiders per CSIS 2023

Statistic 50

Government: 30% of breaches insider per GAO 2023

Statistic 51

Tech industry: 35% credential abuse by insiders per Palo Alto 2023

Statistic 52

Manufacturing: 27% IP theft from insiders per FBI 2023

Statistic 53

Education: 19% negligent insiders per Educause 2023

Statistic 54

Pharma: 40% insider risks in R&D per Deloitte 2023

Statistic 55

Telecom: 24% supply chain insiders per ENISA 2023

Statistic 56

29% in public admin per UK NCSC 2023

Statistic 57

Hospitality: 21% data leaks by staff per Cisco 2023

Statistic 58

Automotive: 33% insider sabotage per SANS 2023

Statistic 59

Media: 18% leaks from journalists per Reuters 2023 study

Statistic 60

Logistics: 26% tampering by insiders per Maersk report 2023

Statistic 61

Defense: 32% espionage insiders per DoD 2023

Statistic 62

Insurance: 23% fraud via insiders per EY 2023

Statistic 63

Utilities: 20% OT insiders per Dragos 2023

Statistic 64

Aerospace: 38% tech theft per NASA 2023 audit

Statistic 65

Chemicals: 25% sabotage per ACC 2023

Statistic 66

Agribusiness: 17% supply insiders per John Deere 2023

Statistic 67

Non-profit: 15% fund misuse per CharityWatch 2023

Statistic 68

65% of insider threats involve privilege misuse per 2023 DBIR

Statistic 69

Credential theft by insiders in 34% of breaches per IBM 2023

Statistic 70

Email as vector in 52% negligent insider cases per Proofpoint 2023

Statistic 71

USB devices used in 28% data exfiltration per Ponemon 2022

Statistic 72

Cloud misconfig by insiders in 41% incidents per Palo Alto 2023

Statistic 73

70% use legitimate tools for malicious acts per MITRE 2023

Statistic 74

Phishing self-victimization in 25% cases per KnowBe4

Statistic 75

48% involve unauthorized access via VPN per Cisco 2023

Statistic 76

Data upload to personal cloud in 37% exfils per Varonis 2023

Statistic 77

55% manipulate logs to cover tracks per SANS 2022

Statistic 78

Social engineering by insiders in 19% per Verizon 2023

Statistic 79

62% use admin privileges abusively per CrowdStrike 2023

Statistic 80

Print to PDF/email for theft in 30% per Deloitte 2023

Statistic 81

40% involve endpoint compromise per Microsoft 2023

Statistic 82

Screen capture tools in 22% cases per Splunk 2023

Statistic 83

29% use personal devices per Fortinet 2023

Statistic 84

Database queries anomalous in 35% insider acts per Cybereason

Statistic 85

50% leverage SaaS apps for exfil per Bitsight 2023

Statistic 86

VPN tunneling in 18% per Sophos 2023

Statistic 87

44% code repository abuse per GitGuardian 2023

Statistic 88

Mobile app sideloading in 15% per Zscaler 2023

Statistic 89

38% network share misuse per Mandiant 2023

Statistic 90

RDP lateral movement by insiders 26% per Rapid7 2023

Statistic 91

Zero-trust reduces insider risks by 50% per Forrester 2023

Statistic 92

MFA blocks 99% insider credential abuse per Microsoft 2023

Statistic 93

Least privilege cuts 70% risks per CyberArk 2023

Statistic 94

DLP prevents 80% data exfils per Symantec 2023

Statistic 95

UEBA reduces incidents 60% per IDC 2023

Statistic 96

Employee monitoring tools lower risks 45% per ActivTrak 2023

Statistic 97

Background checks prevent 30% malicious hires per HireRight 2023

Statistic 98

Incident response plans mitigate 55% costs per Ponemon 2023

Statistic 99

92% fewer breaches with training per Proofpoint 2023

Statistic 100

PAM solutions block 75% privilege abuse per Gartner 2023

Statistic 101

Encryption thwarts 65% data theft per Thales 2023

Statistic 102

Offboarding automation prevents 40% ex-employees risks per Okta 2023

Statistic 103

AI risk scoring cuts threats 50% per Exabeam 2023

Statistic 104

360 monitoring reduces MTTR 70% per LogRhythm 2023

Statistic 105

Culture of security lowers negligence 35% per Deloitte 2023

Statistic 106

Vendor risk mgmt cuts 25% third-party insiders per OneTrust 2023

Statistic 107

Just-in-time access reduces risks 60% per SailPoint 2023

Statistic 108

78% mitigation via policy enforcement per NIST SP 800-53 2023

Statistic 109

Simulation exercises improve response 42% per SANS 2023

Statistic 110

Blockchain for logs prevents tampering 90% per IBM 2023

Statistic 111

68% of insider threats are motivated by financial gain per 2023 Ponemon

Statistic 112

22% of insiders act due to revenge per Proofpoint 2023 Human Factor

Statistic 113

Negligence accounts for 60% of insider incidents per Verizon DBIR 2023

Statistic 114

12% motivated by ideology per SANS Insider Threat 2022 survey

Statistic 115

Disgruntled employees cause 31% of malicious insider acts per Deloitte 2023

Statistic 116

45% of insiders cite poor management as trigger per 2023 IBM

Statistic 117

Financial pressure motivates 25% per CrowdStrike 2023 report

Statistic 118

18% act for thrill/excitement per Ponemon 2022

Statistic 119

External coercion in 9% of cases per FBI 2023 insider stats

Statistic 120

52% negligent due to lack of training per KnowBe4 2023

Statistic 121

Espionage motives in 15% of cases per CSIS 2022

Statistic 122

28% motivated by career advancement per Gartner 2023

Statistic 123

Personal gain drives 37% malicious insiders per Varonis 2023

Statistic 124

Burnout leads to 20% negligent acts per Microsoft 2023

Statistic 125

14% ideological per ENISA 2023 threat landscape

Statistic 126

Greed in 40% of credential abuse cases per Splunk 2023

Statistic 127

55% of insiders are negligent due to remote work per Cisco 2022

Statistic 128

Revenge from termination: 26% per Cybereason 2023

Statistic 129

11% coerced by nation-states per Mandiant M-Trends 2023

Statistic 130

Convenience motivates 48% negligent sharing per Proofpoint

Statistic 131

30% act for competitive advantage per Bitsight 2023

Statistic 132

Stress cited in 23% of cases per Sophos 2023 insider report

Statistic 133

In 2023, insider threats accounted for 19% of all data breaches according to the Verizon DBIR

Statistic 134

74% of organizations experienced an insider threat incident in the past 12 months per Ponemon Institute 2022 study

Statistic 135

Insider actors were responsible for 20% of breaches in healthcare sector in 2022 DBIR

Statistic 136

34% of cybersecurity incidents are caused by insiders per 2023 IBM report

Statistic 137

Over 60% of insider threats go undetected for months according to Proofpoint 2023

Statistic 138

2022 saw a 44% increase in insider threat incidents from previous year per CrowdStrike

Statistic 139

28% of all malware incidents involve insiders per SANS 2021 survey

Statistic 140

Government agencies report 25% of breaches from insiders in 2023 GAO report

Statistic 141

41% of organizations faced negligent insiders in 2022 per Deloitte

Statistic 142

Insider threats rose 47% in financial services 2021-2023 per Bitsight

Statistic 143

56% of breaches involve credential abuse by insiders per 2023 DBIR

Statistic 144

1 in 4 companies experienced insider threat in 2023 per Keeper Security

Statistic 145

30% of data exfiltration incidents are insider-driven per Splunk 2022

Statistic 146

EU organizations see 22% insider threat rate per ENISA 2023

Statistic 147

35% increase in insider incidents post-COVID per Microsoft 2022

Statistic 148

27% of ransomware attacks facilitated by insiders per Sophos 2023

Statistic 149

2023 Ponemon: 50% of insiders are current employees

Statistic 150

NIST reports 18% of incidents from malicious insiders annually

Statistic 151

40% of SMBs hit by insider threats in 2022 per Cisco

Statistic 152

24% of supply chain breaches from insiders per Mandiant 2023

Statistic 153

32% of organizations report annual insider incidents per Gartner 2023

Statistic 154

2021-2023 saw 38% rise in insider threats per Cybereason

Statistic 155

29% of cloud breaches insider-related per Palo Alto 2023

Statistic 156

45% of enterprises faced insider risks in 2022 per Fortinet

Statistic 157

UK NCSC: 20% of cyber incidents from insiders 2023

Statistic 158

26% of IP theft cases involve insiders per FBI 2022

Statistic 159

2023 survey: 52% orgs hit by insider threats per Varonis

Statistic 160

21% of phishing succeeds via insiders per KnowBe4 2023

Statistic 161

33% of data breaches from negligent insiders per EY 2022

1/161

Sources

Trusted by 500+ publications

+497

While insider threats may be invisible, their cost certainly isn't: with incidents now accounting for nearly one in five data breaches and costing companies an average of $16.2 million each, this internal danger represents a critical and often overlooked vulnerability that can cripple any organization from the inside out.

Key Takeaways

In 2023, insider threats accounted for 19% of all data breaches according to the Verizon DBIR
74% of organizations experienced an insider threat incident in the past 12 months per Ponemon Institute 2022 study
Insider actors were responsible for 20% of breaches in healthcare sector in 2022 DBIR
The average cost of an insider threat incident is $16.2 million per IBM 2023 Cost of a Data Breach Report
Insider breaches cost 20% more than external ones at $4.9M average per Ponemon 2022
Malicious insider attacks average $4.88 million in losses per 2023 IBM
68% of insider threats are motivated by financial gain per 2023 Ponemon
22% of insiders act due to revenge per Proofpoint 2023 Human Factor
Negligence accounts for 60% of insider incidents per Verizon DBIR 2023
65% of insider threats involve privilege misuse per 2023 DBIR
Credential theft by insiders in 34% of breaches per IBM 2023
Email as vector in 52% negligent insider cases per Proofpoint 2023
31% of insider threats occur in healthcare per IBM 2023 Cost Report
Financial services see 28% insider breach rate per Verizon DBIR 2023
Retail: 25% of incidents from insiders per Ponemon 2022 retail study

Insider threats are a costly and widespread risk across all industries.

Costs

1The average cost of an insider threat incident is $16.2 million per IBM 2023 Cost of a Data Breach Report

Verified

2Insider breaches cost 20% more than external ones at $4.9M average per Ponemon 2022

Verified

3Malicious insider attacks average $4.88 million in losses per 2023 IBM

Verified

4Negligent insiders cost orgs $1.6M per incident per Proofpoint 2023

Directional

52023 DBIR: Insider incidents lead to $5M avg downtime costs

Single source

6Financial sector insider breach avg $5.9M per Ponemon 2023

Verified

744% of insider costs from lost productivity per Deloitte 2022

Verified

8Avg remediation time for insider breach: 277 days costing $4.45M per IBM

Verified

9Healthcare insider threats avg $10.1M per incident 2023 IBM

Directional

1060% of insider breach costs are regulatory fines per Gartner 2023

Single source

11Compromised credentials by insiders cost $5M avg per 2023 Verizon

Verified

12IP theft by insiders costs US $300B annually per FBI est.

Verified

132022 Ponemon: Avg insider threat lifecycle costs $15M

Verified

14Notification costs from insider breaches: $1.5M avg per IBM 2023

Directional

15Lost revenue from insider incidents: 30% of total costs per Cybereason 2023

Single source

16Malicious insiders cause 2x higher costs than negligent per Proofpoint

Verified

17Avg legal fees for insider cases: $2.3M per 2022 Deloitte

Verified

182023 Splunk: Detection failure adds 50% to insider costs

Verified

19Brand damage from insider leaks: $25M avg per Ponemon

Directional

20SMB insider threats cost $3.3M avg per Cisco 2023

Single source

2135% of costs from third-party insiders per Mandiant 2023

Verified

22Avg downtime cost per insider incident: $8,600/min per Ponemon

Verified

23Forensic investigation for insiders: $1.2M avg IBM 2023

Verified

242023 EY: Insider threats inflate insurance premiums by 25%

Directional

25Global avg insider breach cost rose 15% to $4.45M in 2023 per IBM

Single source

Costs Interpretation

The harsh truth is that while you're busy guarding the castle walls, the most expensive betrayal is often being plotted at the boardroom table, with the average insider threat costing a staggering $16.2 million and nearly a year of your company's life to mend.

Detection

185% of orgs lack insider detection tools per Gartner 2023

Verified

2Avg detection time for malicious insiders: 85 days per IBM 2023

Verified

3UEBA detects 70% more insiders than SIEM per Forrester 2023

Verified

462% undetected due to encrypted channels per Proofpoint 2023

Directional

5AI anomaly detection flags 45% early per Microsoft 2023

Single source

677% orgs use behavior analytics per SANS 2023 survey

Verified

7False positives in insider tools: 40% per Ponemon 2023

Verified

890% detection improvement with DLP per Varonis 2023

Verified

9Network monitoring catches 55% exfils per Darktrace 2023

Directional

1068% miss privileged user risks per CyberArk 2023

Single source

11ML models reduce MTTD to 14 days per Splunk 2023

Verified

1252% use EDR for insiders per CrowdStrike 2023

Verified

13Human monitoring detects only 12% per Deloitte 2023

Verified

14CASB catches 60% cloud insiders per Netskope 2023

Directional

1575% orgs plan AI for insider detection per Gartner

Single source

16Log correlation detects 38% methods per Rapid7 2023

Verified

1780% evasion via living-off-land per MITRE 2023

Verified

18User training improves detection by 25% per KnowBe4 2023

Verified

1965% third-party blind spots per Bitsight 2023

Directional

20Quantum-ready detection needed for 20% future threats per NIST 2023

Single source

Detection Interpretation

It seems we're collectively trying to spot a wolf in sheep's clothing while half-blindfolded, using tools that cry wolf 40% of the time, all while the cleverest sheep have already learned to tunnel out using encrypted tools they stole from the shed.

Industries

131% of insider threats occur in healthcare per IBM 2023 Cost Report

Verified

2Financial services see 28% insider breach rate per Verizon DBIR 2023

Verified

3Retail: 25% of incidents from insiders per Ponemon 2022 retail study

Verified

4Energy sector: 22% malicious insiders per CSIS 2023

Directional

5Government: 30% of breaches insider per GAO 2023

Single source

6Tech industry: 35% credential abuse by insiders per Palo Alto 2023

Verified

7Manufacturing: 27% IP theft from insiders per FBI 2023

Verified

8Education: 19% negligent insiders per Educause 2023

Verified

9Pharma: 40% insider risks in R&D per Deloitte 2023

Directional

10Telecom: 24% supply chain insiders per ENISA 2023

Single source

1129% in public admin per UK NCSC 2023

Verified

12Hospitality: 21% data leaks by staff per Cisco 2023

Verified

13Automotive: 33% insider sabotage per SANS 2023

Verified

14Media: 18% leaks from journalists per Reuters 2023 study

Directional

15Logistics: 26% tampering by insiders per Maersk report 2023

Single source

16Defense: 32% espionage insiders per DoD 2023

Verified

17Insurance: 23% fraud via insiders per EY 2023

Verified

18Utilities: 20% OT insiders per Dragos 2023

Verified

19Aerospace: 38% tech theft per NASA 2023 audit

Directional

20Chemicals: 25% sabotage per ACC 2023

Single source

21Agribusiness: 17% supply insiders per John Deere 2023

Verified

22Non-profit: 15% fund misuse per CharityWatch 2023

Verified

Industries Interpretation

Every industry, from saving lives in healthcare to saving secrets in aerospace, has perfected its own special blend of insider threat, proving that the most universal workplace hazard is, tragically, the people already inside.

Methods

165% of insider threats involve privilege misuse per 2023 DBIR

Verified

2Credential theft by insiders in 34% of breaches per IBM 2023

Verified

3Email as vector in 52% negligent insider cases per Proofpoint 2023

Verified

4USB devices used in 28% data exfiltration per Ponemon 2022

Directional

5Cloud misconfig by insiders in 41% incidents per Palo Alto 2023

Single source

670% use legitimate tools for malicious acts per MITRE 2023

Verified

7Phishing self-victimization in 25% cases per KnowBe4

Verified

848% involve unauthorized access via VPN per Cisco 2023

Verified

9Data upload to personal cloud in 37% exfils per Varonis 2023

Directional

1055% manipulate logs to cover tracks per SANS 2022

Single source

11Social engineering by insiders in 19% per Verizon 2023

Verified

1262% use admin privileges abusively per CrowdStrike 2023

Verified

13Print to PDF/email for theft in 30% per Deloitte 2023

Verified

1440% involve endpoint compromise per Microsoft 2023

Directional

15Screen capture tools in 22% cases per Splunk 2023

Single source

1629% use personal devices per Fortinet 2023

Verified

17Database queries anomalous in 35% insider acts per Cybereason

Verified

1850% leverage SaaS apps for exfil per Bitsight 2023

Verified

19VPN tunneling in 18% per Sophos 2023

Directional

2044% code repository abuse per GitGuardian 2023

Single source

21Mobile app sideloading in 15% per Zscaler 2023

Verified

2238% network share misuse per Mandiant 2023

Verified

23RDP lateral movement by insiders 26% per Rapid7 2023

Verified

Methods Interpretation

The statistics paint a grimly comedic picture of insider threats, revealing that our greatest vulnerability is often a trusted employee with legitimate access, a grudge, and a shockingly casual approach to stealing everything via email, USB drives, and the very admin tools we paid for them to use.

Mitigation

1Zero-trust reduces insider risks by 50% per Forrester 2023

Verified

2MFA blocks 99% insider credential abuse per Microsoft 2023

Verified

3Least privilege cuts 70% risks per CyberArk 2023

Verified

4DLP prevents 80% data exfils per Symantec 2023

Directional

5UEBA reduces incidents 60% per IDC 2023

Single source

6Employee monitoring tools lower risks 45% per ActivTrak 2023

Verified

7Background checks prevent 30% malicious hires per HireRight 2023

Verified

8Incident response plans mitigate 55% costs per Ponemon 2023

Verified

992% fewer breaches with training per Proofpoint 2023

Directional

10PAM solutions block 75% privilege abuse per Gartner 2023

Single source

11Encryption thwarts 65% data theft per Thales 2023

Verified

12Offboarding automation prevents 40% ex-employees risks per Okta 2023

Verified

13AI risk scoring cuts threats 50% per Exabeam 2023

Verified

14360 monitoring reduces MTTR 70% per LogRhythm 2023

Directional

15Culture of security lowers negligence 35% per Deloitte 2023

Single source

16Vendor risk mgmt cuts 25% third-party insiders per OneTrust 2023

Verified

17Just-in-time access reduces risks 60% per SailPoint 2023

Verified

1878% mitigation via policy enforcement per NIST SP 800-53 2023

Verified

19Simulation exercises improve response 42% per SANS 2023

Directional

20Blockchain for logs prevents tampering 90% per IBM 2023

Single source

Mitigation Interpretation

While the arsenal of security controls boasts impressive statistics—from zero-trust halving insider risks to MFA nearly erasing credential abuse—the true, unspoken metric is that an insider threat program is a masterful exercise in making betrayal and blunder a statistically exhausting and technically unrewarding career path.

Motivations

168% of insider threats are motivated by financial gain per 2023 Ponemon

Verified

222% of insiders act due to revenge per Proofpoint 2023 Human Factor

Verified

3Negligence accounts for 60% of insider incidents per Verizon DBIR 2023

Verified

412% motivated by ideology per SANS Insider Threat 2022 survey

Directional

5Disgruntled employees cause 31% of malicious insider acts per Deloitte 2023

Single source

645% of insiders cite poor management as trigger per 2023 IBM

Verified

7Financial pressure motivates 25% per CrowdStrike 2023 report

Verified

818% act for thrill/excitement per Ponemon 2022

Verified

9External coercion in 9% of cases per FBI 2023 insider stats

Directional

1052% negligent due to lack of training per KnowBe4 2023

Single source

11Espionage motives in 15% of cases per CSIS 2022

Verified

1228% motivated by career advancement per Gartner 2023

Verified

13Personal gain drives 37% malicious insiders per Varonis 2023

Verified

14Burnout leads to 20% negligent acts per Microsoft 2023

Directional

1514% ideological per ENISA 2023 threat landscape

Single source

16Greed in 40% of credential abuse cases per Splunk 2023

Verified

1755% of insiders are negligent due to remote work per Cisco 2022

Verified

18Revenge from termination: 26% per Cybereason 2023

Verified

1911% coerced by nation-states per Mandiant M-Trends 2023

Directional

20Convenience motivates 48% negligent sharing per Proofpoint

Single source

2130% act for competitive advantage per Bitsight 2023

Verified

22Stress cited in 23% of cases per Sophos 2023 insider report

Verified

Motivations Interpretation

While the boardroom frets about shadowy hackers, the real insider threat landscape is a grim comedy of human frailty, where negligence is the star performer, greed writes the most expensive scripts, and a toxic blend of financial pressure, poor management, and revenge turns disgruntled employees into the most likely villains.

Prevalence

1In 2023, insider threats accounted for 19% of all data breaches according to the Verizon DBIR

Verified

274% of organizations experienced an insider threat incident in the past 12 months per Ponemon Institute 2022 study

Verified

3Insider actors were responsible for 20% of breaches in healthcare sector in 2022 DBIR

Verified

434% of cybersecurity incidents are caused by insiders per 2023 IBM report

Directional

5Over 60% of insider threats go undetected for months according to Proofpoint 2023

Single source

62022 saw a 44% increase in insider threat incidents from previous year per CrowdStrike

Verified

728% of all malware incidents involve insiders per SANS 2021 survey

Verified

8Government agencies report 25% of breaches from insiders in 2023 GAO report

Verified

941% of organizations faced negligent insiders in 2022 per Deloitte

Directional

10Insider threats rose 47% in financial services 2021-2023 per Bitsight

Single source

1156% of breaches involve credential abuse by insiders per 2023 DBIR

Verified

121 in 4 companies experienced insider threat in 2023 per Keeper Security

Verified

1330% of data exfiltration incidents are insider-driven per Splunk 2022

Verified

14EU organizations see 22% insider threat rate per ENISA 2023

Directional

1535% increase in insider incidents post-COVID per Microsoft 2022

Single source

1627% of ransomware attacks facilitated by insiders per Sophos 2023

Verified

172023 Ponemon: 50% of insiders are current employees

Verified

18NIST reports 18% of incidents from malicious insiders annually

Verified

1940% of SMBs hit by insider threats in 2022 per Cisco

Directional

2024% of supply chain breaches from insiders per Mandiant 2023

Single source

2132% of organizations report annual insider incidents per Gartner 2023

Verified

222021-2023 saw 38% rise in insider threats per Cybereason

Verified

2329% of cloud breaches insider-related per Palo Alto 2023

Verified

2445% of enterprises faced insider risks in 2022 per Fortinet

Directional

25UK NCSC: 20% of cyber incidents from insiders 2023

Single source

2626% of IP theft cases involve insiders per FBI 2022

Verified

272023 survey: 52% orgs hit by insider threats per Varonis

Verified

2821% of phishing succeeds via insiders per KnowBe4 2023

Verified

2933% of data breaches from negligent insiders per EY 2022

Directional

Prevalence Interpretation

Nearly one in every five data breaches now comes from within the organization, revealing that the most expensive vulnerabilities often walk through the front door with employee badges.