Based on 326 cybersecurity professionals, this survey uncovers the trends around insider threats and how organisations respond. It found heightened concern over the insider threat risk. 

  • 74% of respondents feel moderately to extremely vulnerable to insider threats. 74% also say these attacks have become more frequent in the last 12 months. 
  • The most critical impacts of insider attacks were loss of critical data (45%), brand damage (43%), and operational disruption or outage (41%).
  • The motivation for the insiders are monetary gains followed by the desire to cause reputational damage to the organisation.
ISTARI Spotlight - Motivations for Malicious Insider Threats
Source: 2023 Insider Threat Report
  • The types of insider threats people are most concerned with include compromised accounts, inadvertent data breaches (where the employee doesn’t know they have violated security policy), negligent data breaches (where a user ignores the policy but doesn’t have bad intentions), and malicious data breaches (deliberate with bad intentions).
  • Security teams find it challenging to detect and prevent insider attacks, because perpetrators already have access to the network; because employees use apps like Dropbox or web email; and because employees are increasingly using their personal devices to access work information.
  • 39% of organisations have established an insider threat program, with 46% aiming to do so in future. These programs are most often overseen by the CISO and IT Security Managers.
ISTARI Spotlight - Insider Threat Program
Source:, 2023 Insider Threat Report
  • To prevent insider attacks, full visibility and control across the entirety of apps, devices, and infrastructure is seen as important by 87% of respondents. 53% believe that detecting these attacks has become harder since moving to the cloud.
  • A very common approach to combating insider threat is to monitor user behaviour: 86% of organisations monitor their user behaviour in some way.


Read the report