TMCnet News

2023 Data Exposure Report: Companies Struggle to Build and Run Effective Programs to Protect Data From Insider Threats
[March 28, 2023]

Code42 Software, Inc., the Insider Risk Management (IRM) leader, today released its Annual Data Exposure Report (DER) for 2023. The study, conducted by independent enterprise technology market research expert Vanson Bourne, found that Insider Risk is emerging as one of the most challenging threats to detect, mitigate and manage. Although more than 72% of companies indicate they have an IRM program in place, the same companies experienced a year-over-year increase in data loss incidents of 32%, and 71% expect data loss from insider events to increase in the next 12 months. With insider incidents costing organizations $16M per incident on average, and CISOs stating that Insider Risks are the most challenging type of threat to detect, the report is a clear call to action for the security industry to 'do better' and help professionals solve this challenge.

Annual Data Exposure Report 2023 (Graphic: Business Wire)

"Data loss from insiders is not a new problem but it has become more complex. Our past DER research has focused on the key drivers of Insider Risk like workforce turnover and cloud adoption. This year, our goal was to understand the specific challenges security teams face when building and maintaining Insider Risk programs," said Joe Payne, Code42 president and CEO. "The research reveals that both detection of and response to insider events have become more challenging. Organizations need to re-evaluate their approach to Insider Risk to ensure the technology and programs in place are effective, and that they drive cultures where employees make safer and smarter decisions about data. At Code42, we are focused on partnering with our customers to help them achieve this level of maturity."

Insider Risk is a cultural issue, not just a cybersecurity one

When compared with data from our last report, the impact of Insider Risk is being felt across an organization and is no longer limited to the cybersecurity team. 86% of respondents say an insider event would impact company culture, compared with 72% from the year prior. Similarly, impacts around employee acquisition/retention increased from 72% to 79%. This indicates that Insider Risk is an issue that is deeply intertwined with a company's culture and has a significant impact on the business.

The study also found:

  • Respondents say there would be a major or moderate impact on revenue (88%) and reputation (88%) following an Insider Risk event.
  • When asked about the types of Insider Risk they're most concerned about, respondents rank accidental as number one, followed by malicious and negligent.
  • Respondents concerned with accidental events increased year-over-year while those concerned with negligent events decreased.

Insider Risk is a top concern for CISOs

CISOs are hyper aware of the growing challenges associated with managing Insider Risk, with over four in five (82%) CISOs indicating that data loss from insiders is a problem for their company. With 76% of CISOs anticipating data loss from insider events to increase at their company in the next 12 months, many are re-evaluating the current approaches, technologies and processes they have in place.

The study found:

  • 79% of CISOs feel they could lose their job from an unaddressed insider breach due to the impact it would have on corporate culture, reputation and financial standings.
  • CISOs ranked Insider Risk (27%) as the most difficult type of threat to detect at their company, placing it above cloud data exposures (26%) and malware/ransomware (22%).
  • Around four out of five (79%) CISOs do not feel the leadership team (board, C-suite) places enough attention on data loss from insiders.

Effectively managing Insider Risk requires the right technology and budget

While it's promising to see that more than 70% of companies have an IRM program in place, 85% of companies note they still face technology and visibility challenges when it comes to protecting against exploitation by insiders, suggesting that the programs in place are immature and ineffective.

The study also found:

  • Only 19% of companies' global cybersecurity budget is dedicated to detecting, investigating, responding to and mitigating Insider Risk despite it being the hardest threat to detect.
  • Current IRM budgets are likely insufficient as 69% indicate that their budget for Insider Risk Management will increase over the next year.
  • Companies are leveraging multiple technologies to protect against and manage Insider Risk - with the majority (90%) using a combination of IRM, DLP, CASB and UEBA to protect data from exfiltration by insiders.

As the need for data security training increases, the quality of trainings matters just as much as the frequency of trainings

The frequency of cybersecurity training has increased over time with 30% of companies now conducting training weekly compared with 22% in our last report. However, the data indicates that frequency alone is not effective in building resilience to Insider Risk. The quality of training is equally important and organizations must find a way to balance the two.

The study found:

  • The majority (93%) of CISOs agree that the new hybrid-remote workforce has increased the need for data security training in their company.
  • Those organizations conducting training weekly are more likely to say a complete overhaul is needed than those conducting it monthly (22% vs. 10% respectively).
  • The companies conducting monthly security training dropped from 32% to 27% year over year, with data indicating that more organizations are providing weekly training.

Additional Resources

Download the Annual Data Exposure Report 2023.

Read the blog "Companies Are Investing in Insider Risk Management, but They're Struggling with Poor Visibility and Cultural Engagement."

Register for our upcoming webinar on April 6 at 1 p.m. CT, featuring cybersecurity leader and advisor Wendy Overton.

Join the conversation with Code42 on our blog, LinkedIn, Twitter and YouTube.

About Code42:

Code42 is the leader in Insider Risk Management (IRM), offering end-to-end data loss detection and response solutions. The Code42 Incydr product is native to the cloud and rapidly detects data exposure, loss, leak and theft as well as speeds incident response - all without lengthy deployments, complex policy management or blocking employee productivity. Accelerating the effectiveness of Insider Risk programs are the Code42 Instructor microlearning solution, and Code42's full suite of expert services.

With Code42, security professionals can protect corporate data and reduce Insider Risk while fostering an open and collaborative culture for employees. Designed to meet regulatory control requirements, Code42's IRM solution is FedRAMP authorized and can be configured for GDPR, HIPAA, PCI and other compliance frameworks. Innovative organizations, including the fastest-growing security companies, rely on Code42 to safeguard their ideas. Founded in 2001, the company is headquartered in Minneapolis, Minnesota, and backed by Accel Partners, JMI Equity, NewView and Split Rock Partners. Code42 has played a defining role in developing a vision and requirements for the IRM category - now recognized by Gartner, IDC and Forrester - and is a founding member of the annual Insider Risk Summit and Insider Risk Community.

The Company has several offices across the United States and its clients include large multinational organizations, such as CrowdStrike, Exabeam, BAYADA Home Health Care, Lending Club, MacDonald-Miller, MACOM, North Highland, Ping Identity, Shape Technologies, Snowflake, University of Georgia, User Testing, UTEX and Xactly.

© 2023 Code42 Software, Inc. All rights reserved. Code42, the Code42 logo, Incydr and Instructor are registered trademarks or trademarks of Code42 Software, Inc. in the United States and/or other countries. All other marks are properties of their respective owners.

About Vanson Bourne:

Vanson Bourne is an independent specialist in market research for the technology sector. Their reputation for robust and credible research-based analysis is founded upon rigorous research principles and their ability to seek the opinions of senior decision makers across technical and business functions, in all business sectors and all major markets. For more information, visit
