Insider Threat Statistics

60% of insider threat incidents involved personal cloud application instances in 2025.

93% of cybersecurity leaders reported incidents caused by cybercriminals exploiting employees.

Malicious insiders accounted for incidents at 36% of organizations.

58% of organizations attribute their most significant data loss events to careless employees or third-party contractors.

Only 15% of organizations feel fully prepared to handle the movement of sensitive data through SaaS and Shadow IT tools.

77% of organizations experienced insider-driven data loss in the past 18 months.

43% of security professionals are concerned about disgruntled employees.

55% of security professionals are concerned about departing employees.

• 21% of organizations faced more than 20 insider-related data loss incidents in the past 18 months.

17% of insider incidents involved personal healthcare information.

73% of security professionals are concerned about careless, negligent, or uninformed employees.

53% of insider incidents involved customer records.

47% of insider incidents involved personal information or Personally Identifiable Information (PII).

12% of detected insider incidents could not be attributed, underscoring challenges in detection.

40% of insider incidents involved business-sensitive financial and strategic information.

59% of security leaders are very concerned about accidental employee data leaks over the next 12 months.

Most insider incidents are unintentional: 62% were caused by negligent or compromised users.

Nearly half (49%) of insider incidents resulted specifically from accidental or negligent behavior.

Only 16% of insider incidents involved confirmed malicious intent.

37% of organizations reported detecting between 6 and 20 insider-related data loss incidents in the past 18 months.

76% of organizations reported losses exceeding $100,000 due to their most significant insider incident.

36% of insider incidents involved user credentials.

29% of insider incidents involved Intellectual Property (IP).

62% of security professionals are concerned about employees directly involved in the handling of sensitive data such as PII, PHI, or PCI.

When asked which egress channels for the outflow of sensitive data does your organization worry most about, 61% said personal cloud storage.

When asked which egress channels for the outflow of sensitive data does your organization worry most about, 56% said Generative AI tools like ChatGPT.

When asked which egress channels for the outflow of sensitive data does your organization worry most about, 55% said personal webmail.

When asked which egress channels for the outflow of sensitive data does your organization worry most about, 47% said removable media/storage devices like USB drives.

When asked which egress channels for the outflow of sensitive data does your organization worry most about, 44% said messaging apps.

When asked which egress channels for the outflow of sensitive data does your organization worry most about, 31% said screen captures.

49% of organizations agree, and 23% strongly agree, that they lack visibility into how users interact with sensitive data across endpoints, cloud apps, and GenAI platforms.

72% of organizations lack visibility into how users interact with sensitive data across endpoints, cloud apps, and GenAI platforms.

61% of security leaders are very concerned about credential compromise being used for insider activity over the next 12 months.

51% of organizations report operating at Maturity Level 2 (Implemented: tools are in place but fragmented across teams with limited integration).

46% say a lack of skilled staff is the biggest barrier to maturing their insider risk program.

42% say organizational silos (e.g., Security vs HR vs Legal) is the biggest barrier to maturing their insider risk program.

35% say insufficient budget is the biggest barrier to maturing their insider risk program.

31% say maintenance burden is the biggest barrier to maturing their insider risk program.

23% say user pushback or fear of harming culture is the biggest barrier to maturing their insider risk program.

72% of organizations say their budgets for insider risk or data protection are increasing.