7 Ways to Thwart Malicious Insiders

Malicious insider activity is less common than the inadvertent missteps by insiders -- but they are expensive. While malicious activity comprises just 23% of all insider incidents, according to a 2020 Ponemon survey, these attacks typically are more costly for the organization -- averaging $755,760 per incident and $4.08 million per year.

Overall, malicious and non-malicious insider incidents can account for the loss of up to 20% of annual revenue, according to research from Code42 and Aberdeen.

“Data today is digital and portable, so it's never been easier to take,” says Jadee Hanson, CISO and CIO at Code42. “There are countless ways for employees and contractors to move proprietary documents to a removable USB drive, personal Dropbox, or G-Drive and take it with them to benefit them in their next role or give a competitor a strategic advantage."

Hanson points to source code, patent applications, and customer lists being at risk. "Many of these cases go unreported and impact companies for years to come," she says.

Here are tips to protect against a malicious insider attack. Many of these best practices help prevent non-malicious insider incidents, as well.