September is National Insider Threat Awareness Month. We are doing our part to drive awareness for a sector of the security stack that is underrepresented in attention and budgets. Here’s a quick roundup of the key insider risk activities DTEX has been driving to mark #NITAM.
2023 Cost of Insider Risks Global Report
On September 20, 2023, we released the 2023 Cost of Insider Risks Global Report, independently conducted by Ponemon Institute. In the largest study of its kind to date, the findings show the average annual cost of an insider risk increased to $16.2M – a 40% increase over four years. Yet despite the growing cost and frequency of insider risks, companies are still underfunding this critical area. In fact, 58% of organizations say budgets for insider risk management are inadequate to contain the soaring cost and frequency of human-initiated security incidents.
The analysis found that 88% of organizations devoted less than 10% of their IT security budget to insider risk management (8.2% on average). On a positive note, companies are increasingly homing in on the need to address the human element, with 46% of organizations planning to increase their investment in insider risk programs in 2024.
Featuring responses from more than 1000 IT and IT security practitioners, the 2023 Cost of Insider Risks Global Report is a must-have resource for insider risk practitioners looking to justify additional budget towards their insider risk program and proactive mitigation efforts.
Slashing the $16.2M Cost of Insider Risks Videocast
To dive deeper into this analysis, DTEX CTO Rajan Koo and Dr. Larry Ponemon joined cybersecurity expert Christopher Burgess on Episode 3 of Conversations from the Inside to offer executives and practitioners unique insights into the key findings and lessons.
Key topics covered in the 45-minute episode include the expense of insider risk management, behavioral indicators of concern, and strategies for getting proactive. If you missed the live videocast, be sure to watch the replay to gain legitimate insights for “getting left of boom”.
Five Eyes Insider Risk Practitioner Alliance (FIRPA) Launch
On September 26, 2023, in support of National Insider Threat Awareness Month, DTEX joined MITRE Corporation and the Australian Insider Risk Centre of Excellence (among others) to support the first Five Eyes Insider Risk Practitioner Alliance (FIRPA) information-sharing event. The event, the first of its kind, featured dedicated collaborative workshops for trusted defense and critical infrastructure practitioners followed by a networking reception at the Australian Embassy in Washington, D.C.
The goal of FIRPA is to provide ongoing opportunities for insider risk practitioners to share best practices for building and running effective insider risk programs. Most importantly, FIRPA will be a trusted Five Eyes only forum for sharing early warning indicators of malicious insider behavior. To learn more about FIRPA or to request a confidential briefing around the Indicators of Malicious Insider Threat Research with MITRE and DTEX, get in touch.
Counter Insider Threat Symposium
Finally, DTEX was the lead sponsor of the Defense Strategy Institute’s 8th annual Counter Insider Threat Symposium, which ran from September 27-28 in Washington, D.C. The DSI’s Symposium directly supports DoD, IC, DOJ, DHS, and Government priorities by providing a conduit for officials to efficiently reach audiences outside of their respective offices that directly impact their department’s mission success.
As government agencies continue to face data breaches and unauthorized disclosures as a result of insider risks and threats, it has become increasingly important to ensure sufficient investments are being made in advanced counter insider risk programs. Organizations must look at behavioral, financial, and cultural indicators in addition to implementing adequate data security measures.
For support in driving proactive insider risk management and programs, contact DTEX.