Insider Risk Costs Surge to $19.5M Annually as AI Introduces New Vulnerabilities
Event summary
- Average annual insider risk costs rose 20% to $19.5M in 2025, with containment costs per incident reaching $247,587.
- Organizations experienced 25 insider incidents annually, with negligence driving $10.3M in losses—a 17% YoY increase.
- 63% of firms now have dedicated insider risk programs, preventing 7 incidents and avoiding $8.2M in breach costs annually.
- Only 13% of organizations have formally integrated AI into business strategies, despite 92% acknowledging its impact on data handling.
- AI agents are emerging as a blind spot, with just 19% of firms classifying them as equivalent to human insiders.
The big picture
The surge in insider risk costs reflects broader challenges in balancing AI innovation with security governance. As AI agents proliferate without adequate oversight, firms face a growing convergence of human and machine-driven risks. The data underscores the financial ROI of mature insider risk programs, but also highlights critical gaps in AI integration—particularly as unauthorized AI use creates invisible data exfiltration pathways. The strategic tension lies in whether firms can adapt their risk frameworks fast enough to keep pace with AI's transformative impact on workforce behavior.
What we're watching
- AI Governance Gaps
  - How the lag in AI governance will affect data exfiltration risks as AI adoption accelerates.
- Program Effectiveness
  - Whether mature insider risk programs can sustain cost reductions amid rising AI-related vulnerabilities.
- Regulatory Scrutiny
  - The pace at which regulators will mandate AI agent oversight as part of broader insider risk frameworks.
