Insider Threat Statistics: The Cost of Insider Threats

$8.76 Million: The Average Yearly Cost of Insider Threats

Source: Ponemon Institute

Download The Ponemon Report

Your Biggest Risk Could Be the People You Trust Most.

Employees and third-party contractors are regularly given access to critical systems, files, and data to do their jobs. But without visibility into how they are using these tools, it can be difficult to determine whether their activity is putting your organization at risk. Here are some insider threat statistics to help drive your thinking as you move forward with building an insider threat management program:

  • Darren the Developer

    Contracting with the company as a web developer since 2012.

    Darren the developer

    Web based hosting sites increase my efficiency

    Yearly Cost: $3.8 million or Darren’s retainer for 62 years

  • Callie from Customer Success

    About to snap from customer complaints

    Callie from customer service

    I didn’t sign up for this. I’ll show them.

    Yearly Cost: $3.0 million or hiring 64 entry-level customer reps

  • Paul from Peoria

    Stole the CFO’s login information

    Paul from Peoria

    I thought the password Sue1234 was fine!

    Yearly Cost: $2.0 million or the cost of employing 6 CFOs

The Ponemon Institute surveyed 717 global security practitioners who reported 3,269 insider incidents in the past year in the 2018 Cost of an Insider Threat Report.

Download Now
Frequency of 3,269 incidents for three insider profiles

Two out of three insider incidents happen from employee or contractor negligence.

Even Darren the developer makes mistakes.

  • Darren the developer2081: Employee or contractor negligence
  • Callie from customer service748: Criminal and malicious insider
  • Paul from Peoria440: Credential thief (imposter risk)
Total annualized cost by time (days) to contain the insider-related incident

On average, it takes 72 days to contain an insider threat.

The longer an insider threat goes undetected, the more expensive it gets. Don’t let Callie’s revenge cost you $9.55 million.

Average cost per incident for three profiles

Credential theft is the most costly type of insider threat.

In 60 seconds, Paul from Peoria could make off with more than $645,000.

  • Darren the developer$283K: Employee or contractor negligence
  • Callie from customer service$608K: Criminal and malicious insider
  • Paul from Peoria$649K: Credential thief (imposter risk)

Reduce the cost of insider threats with the right detection, investigation and prevention technology.

You may have a Darren, Callie or Paul. Stop insider threats in their tracks.


Know how your users are handling personal data


Lower cost by investigating incidents in minutes


Stop exfiltration with real-time user notifications and blocking

Learn more about the cost of insider threats and how to prevent them.

Download The Ponemon Report