Explore more publications!
Asia Pacific News Network
Got News to Share?

Insider Risk Costs Hit $19.5M USD Per Year as AI Creates New Blind Spots

Faster containment and mature insider risk programs are reducing losses, even as 92% say generative AI is changing how employees share information

SAN JOSE, Calif., Feb. 24, 2026 (GLOBE NEWSWIRE) -- DTEX, the leader in risk-adaptive security and behavioral intelligence, today released the 2026 Cost of Insider Risks Global Report, independently conducted by Ponemon Institute. The average annual cost of insider risk reached $19.5 million in 2025, up 20% over two years, while the average time to contain an incident fell to a record low. Organizations took an average of 67 days to contain an insider incident, down from 86 days in 2023.

Organizations experienced an average of 25 insider incidents in 2025. Negligence drove the highest losses, with costs reaching $10.3 million annually – a 17% year-over-year increase.
Beyond measuring cost and frequency, the 2026 report examined what is driving reductions in incidents and costs, and how AI is reshaping insider risk exposure.

Insider risk programs reduce incidents and avoid millions in breach costs
63% of organizations now run a dedicated insider risk program, and in 2025, those programs prevented an average of seven insider security incidents and avoided $8.2 million in breach-related costs. Nearly half (49%) rated their programs as very to highly effective at preventing insider incidents. Of the technologies deployed, identity management and behavioral intelligence delivered the largest cost savings, reducing insider risk costs by $6.1 million and $5.1 million per year, respectively.

AI security and visibility lag employee use
As AI use accelerates across the workforce, visibility and governance are struggling to keep pace. 92% of organizations say generative AI has fundamentally changed how employees access and share information, yet only 13% have formally integrated AI into business strategies. 73% worry unauthorized AI use is creating invisible data exfiltration paths, while just 18% have fully integrated AI governance into their insider risk programs. 44% believe malicious use of AI agents will significantly or moderately increase data theft risk, yet only 19% classify AI agents as equivalent to human insiders.

“The results show real and meaningful progress at organizations with comprehensive and disciplined insider risk programs. Mature programs combined with modern tooling are clearly helping to prevent incidents before they occur. At the same time, the cost of insider risk continues to rise as their impact becomes more severe,” said DTEX CEO Marshall Heilman. “That contrast creates a powerful opportunity as AI becomes embedded across the workforce. Today, too few organizations classify AI agents as equivalent to human insiders, even as those agents operate with delegated authority, persistence, and reach. As a result, insider risk management and AI agent security are quickly converging. The same behavioral visibility and accountability that protect against insider risk must extend to AI systems. Organizations that apply those lessons will be better positioned to scale AI securely without sacrificing resilience in 2026 and beyond.”

The Cost of Insider Risks Global Report analyzes the financial impact of insider risks caused by negligent or mistaken employees, malicious insiders, and outsmarted employees (which includes credential theft).

“Our goal in conducting this research is to quantify the real-world impact of insider risk in an environment reshaped by AI, automation, and expanding data access,” said Dr. Larry Ponemon, Chairman and Founder of the Ponemon Institute. “By connecting behavior, technology, and outcomes, the research provides security leaders with evidence-based insight to prioritize investments, shorten response times, and reduce the impact of insider incidents.”

Key findings from the 2026 Cost of Insider Risks Global Report include:

  • Insider risk costs continue to climb, driven by containment.
    Organizations face average annual insider risk costs of $19.5 million, up from $17.4 million in 2024. Containment represents the largest cost driver at $247,587 per incident, far exceeding escalation costs of $39,728.
  • Negligence remains the dominant and fastest-growing insider risk.
    Organizations experienced an average of 25.4 insider incidents in 2025. Losses tied to insider negligence reached $10.3 million annually, up 17% year-over-year. Organizations reported an average of 13.8 negligent insider incidents, each costing approximately $747,107.
  • Mature insider risk programs deliver measurable ROI.
    Organizations with established programs prevented at least seven insider incidents per year, avoiding approximately $8.2 million in breach-related costs.
  • Unsanctioned AI use is outpacing governance.
    While 92% of organizations say generative AI has changed how employees access and share information, only 13% have formally integrated AI into their business strategies. At the same time, 73% worry unauthorized AI use is creating invisible paths for data exfiltration, and just 18% have fully integrated AI governance into their insider risk programs.
  • AI agents are emerging as a blind spot in insider risk programs.
    44% believe malicious use of AI agents will increase data theft risk, while nearly half report minimal or no visibility into agent activity. Only 19% classify AI agents as equivalent to human insiders.
  • Faster containment dramatically lowers incident costs.
    Incidents contained within 30 days cost $14.2 million annually, compared with $21.9 million when containment exceeds 90 days.
  • Rising investment is accelerating containment effectiveness.
    Insider risk spending grew from 8.2% of IT security budgets in 2023 to about 19% in 2025, while average containment time fell from 86 days to 67 days, the fastest improvement recorded in the study.
  • Defensive AI adoption is accelerating.
    42% now use AI to detect or prevent insider risks, with nearly half citing a reduction in false positives as the primary benefit. 19% have deployed AI agents in daily workflows, with 71% rating them important to extremely important for early insider risk detection.
  • Behavioral intelligence is delivering measurable financial impact.
    71% of organizations rate behavioral intelligence as important to essential, with 58% citing avoided financial impact as the primary benefit. Among security investments, identity management delivered the highest cost savings at $6.1 million, followed closely by behavioral intelligence at $5.1 million.
  • Demand for insider risk management is outpacing funding.
    64% increased insider risk budgets in 2025, yet 45% still view funding as insufficient. 70% expect budgets to rise again in 2026, with 28% anticipating increases of 10% or more.

Read the 2026 Cost of Insider Risks Global Report here.

Methodology
The 2026 study surveyed organizations in North America, EMEA, and Asia-Pacific with a global headcount of 500 to more than 75,000 over a two-month period concluding in September 2025. In this year’s study, the Ponemon Institute interviewed 8,750 IT and IT security practitioners in 354 organizations that experienced one or more material events caused by an insider.

About DTEX
DTEX is the leader in risk-adaptive security, unifying human, data, and AI risk through a behavioral intelligence platform. Built for enterprise scale, it detects threats early and prevents breaches. Organizations and governments worldwide rely on DTEX to protect sensitive data, accelerate innovation, and safeguard trust with privacy-by-design telemetry and adaptive controls. The DTEX Platform integrates Insider Risk Management, Data Loss Prevention, User and Entity Behavior Analytics, User Activity Monitoring, and AI security into one cohesive solution.

To learn more about DTEX, please visit dtex.ai

Connect with DTEX: LinkedIn | X | YouTube

Media contact
Caitlin Mattingly
dtex@teamhighwire.com


Primary Logo

Legal Disclaimer:

EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.

Share us

on your social networks:
Facebook Facebook LinkedIn LinkedIn
AGPs

Get the latest news on this topic.

SIGN UP FOR FREE TODAY

No Thanks

By signing to this email alert, you
agree to our Terms & Conditions