Insider Threat vs Cyber Attack
Insider Threat
107
statistics from 13 sources
Cyber Attack
244
statistics from 54 sources
Latest Insider Threat
60% of insider threat incidents involved personal cloud application instances in 2025.
93% of cybersecurity leaders reported incidents caused by cybercriminals exploiting employees.
Malicious insiders accounted for incidents at 36% of organizations.
58% of organizations attribute their most significant data loss events to careless employees or third-party contractors.
Only 15% of organizations feel fully prepared to handle the movement of sensitive data through SaaS and Shadow IT tools.
77% of organizations experienced insider-driven data loss in the past 18 months.
43% of security professionals are concerned about disgruntled employees.
55% of security professionals are concerned about departing employees.
• 21% of organizations faced more than 20 insider-related data loss incidents in the past 18 months.
17% of insider incidents involved personal healthcare information.
73% of security professionals are concerned about careless, negligent, or uninformed employees.
53% of insider incidents involved customer records.
47% of insider incidents involved personal information or Personally Identifiable Information (PII).
12% of detected insider incidents could not be attributed, underscoring challenges in detection.
40% of insider incidents involved business-sensitive financial and strategic information.
Latest Cyber Attack
National security organizations faced an average of 137 attempted or successful cyberattacks per week in 2025, up from 127 cyberattacks per week in 2024.
Cyberattacks against agencies in the U.S. have surged 25% in the last year and occur more frequently on a weekly basis than in the UK.
Web applications are the most attacked service type at 61%, up from 41% in 2024; remote management protocols account for 15%.
72% of CISOs agreed that their role has evolved to include leading their organization’s ability to recover continuity following a cyberattack or security incident.
In 2025, 57% of CISOs reported that their organizations took more than 4.5 days on average for full remediation and recovery after a cyber incident.
In 2025, not a single Chief Information Security Officer (CISO) reported being able to recover from a cyber incident within a day.
In 2025, 19% of CISOs indicated that recovery efforts from cyber incidents extended as long as two weeks.
48% of New Yorkers stated they have been the victim of a cyberattack at least once.
43% of SMBs report they experienced a cyberattack in the past 5 years.
89% of schools experienced at least one cyber incident in the past year, primarily phishing, unauthorized access, and malware.
27% of SMBs said they were targeted in the past 12 months.
64% of SMB owners reportedly recovered quickly from a cyber attack.
3% of SMB owners faced severe, lasting damage following a cyber attack.
99% of organizations experienced at least one attack on their AI systems in the past year.
83% of US organizations reported a rise in cyberattacks.