Meet Ai3, the DTEX Risk Assistant. Fast-track effective insider risk management with guided investigations.



A Human-centric Approach to Operational Awareness and Risk Management.

Insider Risk Insights - DTEX Blog
  • Home
  • Press
  • New Study Reveals Costly Effects of Insider Threats on the Enterprise, Underscores Gap in Legacy Solutions

New Study Reveals Costly Effects of Insider Threats on the Enterprise, Underscores Gap in Legacy Solutions

Latest research from Ponemon Institute, sponsored by Dtex, reports an average of $4.3 million spent annually on mitigating and resolving insider threats.

September 14, 2016 6:30 AM Pacific Time

SAN JOSE, CA (September 14, 2016) – Dtex Systems™, a leading insider threat solution provider, today highlighted findings from a new benchmark study released by the Ponemon Institute, focused on quantifying the financial impact of insider threats on the enterprise. The report, titled ‘2016 Cost of Insider Threats,’ revealed that organizations are spending an average of $4.3 million annually to mitigate, address, and resolve insider-related incidents – with that spend surpassing $17 million annually in the most significant cases.

Historically, the definition of an insider threat required it to be malicious or criminal in nature, but this latest research broadens that scope to include three distinct types: employee or contractor negligence, criminal or malicious insiders, and user credential theft.

“External forces, or the possibility of an external attack, have commanded the focus and attention of today’s IT leaders with the perception that they pose the biggest threat to the enterprise,” said Dr. Larry Ponemon, Chairman and Founder of the Ponemon Institute.  “Our study is the first of its kind to uncover the equally substantial – and, at times, devastating – effects that insider threats can impose on an organization, from mitigation and detection through resolution and investigation.”


While the report notes that user credential theft and malicious or criminal activity carried a more substantial cost-per-incident, the frequency and volume of insider incidents caused by employee and contractor negligence recorded the highest annual cost, averaging nearly $2.3 million.

“Companies perceive insider threat as mostly driven by malicious employees, but the fact is that a significant portion of the risk is due to insider carelessness,” said Christy Wyatt, CEO at Dtex Systems. “This study underscores what we’ve seen for many years now: well-intentioned employees don’t always fully understand what puts both them and valuable company information at risk.  In working with a wide range of organizations, of all sizes and across all industries, we’ve found that capturing and analyzing user activity at the endpoint is essential to rapidly identifying careless behavior and minimizing any impact.”


In addition to aggregating the costs resulting from insider-related incidents, the study analyzed the technologies and solutions deployed across the organizations surveyed to address insider threats, as well as the effectiveness of those solutions as measured in incremental cost savings.

In line with expectations, legacy solutions – such as data loss prevention (DLP), user awareness and training, and network intelligence – ranked among the most frequently deployed tools (at 46 percent, 43 percent, and 35 percent respectively). Yet, despite being the most pervasive, the incremental cost savings driven by these legacy technologies were among the lowest recorded, with network intelligence and user training yielding $0.3 million.

At the same time, the survey showed the average time to contain an insider-related incident across the same organizations was 65.4 days – and noted the total annualized cost for an incident lasting more than 60 days averaged $4.5 million, climbing to $5.7 million after 90 days.

While the solution categories that have emerged more recently – such as user behavior analytics (UBA) and threat intelligence – inevitably recorded less traction, they delivered the highest incremental cost savings at $1.1 million and $0.8 million respectively.

“We found that solutions focused on visibility and transparency, rather than stringent controls and limitations, are driving the most impact in terms of cost savings and return on investment,” said Ponemon. “Our recommendation for combatting costly insider threats is building a layered defense that delivers a comprehensive range of capabilities across visibility, detection, context, and rapid response.”

A complimentary version of the report, ‘2016 Cost of Insider Threats,’ is now available for download here.

About Dtex Systems

Dtex Systems arms enterprises across the globe with revolutionary technology to fight insider threats, data breaches, and outsider infiltration. As the only solution combining unparalleled endpoint visibility with advanced analytics, Dtex is able to pinpoint threats with greater accuracy than traditional security methods without adversely impacting user productivity. To learn more, visit

About Ponemon Institute

The Ponemon Institute© is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a variety of industries.