Skip to content

Ponemon Institute Study 2022: Data incidents caused by insiders up 34 percent from 2020

Ponemon Institute released its ​2022 Ponemon Institute Cost of Insider Threats: Global Report commissioned by the security company ProofPoint.

The company surveyed over one thousand IT and IT security professionals from companies that experienced at least one insider caused incident. The companies were based in North America, Europe, Middle East, Africa, and Asia-Pacific regions.

The report concludes that over the last two years, the frequency and costs of insider data threats have increased across all three insider threat categories

  • careless or negligent employees/contractors
  • criminal or malicious insiders
  • cybercriminal credential theft.

The reason for this increase is the remote and hybrid work environment that led up to The Great Resignation, according to ProofPoint.

Main findings of the report

  • The number of incidents: up by 44 percent in just two years.
  • The frequency of incidents per company: 67% of companies experienced between 21 and 40 incidents per year (up from 60 percent in 2020).


Composition of the threat: A negligent insider is the root cause of most incidents.

  • 56% of reported insider threat incidents were the result of a careless employee or contractor (average cost $484,931 per incident).
  • Malicious or criminal insiders were behind 1 in 4 incidents (26%) (average cost per incident of $648,062).
  • Incidents including credential theft, stealing users’ credentials and accessing critical data represent 18% (almost double from the last study). At an average of $804,997 per incident, credential theft is the costliest to remediate.

Cost of the insider threats

  • Organizations impacted by insider threats spent an average of $15.4 million annually (up 34 percent).
  • It takes an average of 85 days to contain an insider incident (up from 77 days). The longer the incident takes to contain, the higher the price (more than 3 months – $17.19 million, less than 30 days – average of $11.23 million). The bigger the company, the higher the price (headcount of more than 75,000 – $22.68 million; headcount below 500 – $8.13 million).
  • The cost of insider threat is greatest in the North America and Europe ($17.53 million and $15.44 million).
  • Financial services and professional services have the highest average activity costs ($21.25 million and $18.65 million, respectively).

In a nutshell, insider threats continue to rise in frequency and remediation cost alike. The risk of malicious insider threats also continues to increase and the verticals that are affected the most are financial and professional services.


About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Safetica
Safetica is to provide small and mid-sized companies with the same quality data protection that corporations have – affordably, and without any additional IT administration or disruptions in operation.