58% of organizations attribute their most significant data loss events to careless employees or third-party contractors.

55% of security professionals are concerned about departing employees.

77% of organizations experienced insider-driven data loss in the past 18 months.

• 21% of organizations faced more than 20 insider-related data loss incidents in the past 18 months.

43% of security professionals are concerned about disgruntled employees.

Only 15% of organizations feel fully prepared to handle the movement of sensitive data through SaaS and Shadow IT tools.

17% of insider incidents involved personal healthcare information.

73% of security professionals are concerned about careless, negligent, or uninformed employees.

53% of insider incidents involved customer records.

47% of insider incidents involved personal information or Personally Identifiable Information (PII).

12% of detected insider incidents could not be attributed, underscoring challenges in detection.

40% of insider incidents involved business-sensitive financial and strategic information.

59% of security leaders are very concerned about accidental employee data leaks over the next 12 months.

Most insider incidents are unintentional: 62% were caused by negligent or compromised users.

Nearly half (49%) of insider incidents resulted specifically from accidental or negligent behavior.

Only 16% of insider incidents involved confirmed malicious intent.

37% of organizations reported detecting between 6 and 20 insider-related data loss incidents in the past 18 months.

76% of organizations reported losses exceeding $100,000 due to their most significant insider incident.

36% of insider incidents involved user credentials.

29% of insider incidents involved Intellectual Property (IP).