Cost of Insider Incidents Surges 20% to Nearly $20m

The surge in insider‑risk costs highlighted by DTEX underscores a shifting threat landscape where shadow AI tools are becoming the primary conduit for costly negligence. Traditional security controls, designed for human actors, struggle to monitor the rapid, undocumented use of public AI models, file‑sharing services, and personal webmail. As organizations increasingly rely on generative AI for productivity, the inadvertent exposure of proprietary data and personally identifiable information creates invisible loss pathways that are difficult to quantify but expensive to remediate.

At the same time, AI agents present a paradox: they amplify risk while offering new detection capabilities. Approximately 44% of respondents fear that malicious AI agents will elevate data‑theft incidents, yet 71% already rate AI‑driven behavioral analytics as essential for early risk identification. Deploying AI agents in daily workflows can surface subtle, non‑obvious signals—such as anomalous file access patterns or unusual command sequences—allowing security teams to contain incidents in an average of 67 days, a notable improvement over the previous 86‑day benchmark. This duality forces CISOs to adopt a "human‑plus‑machine" risk model, integrating identity‑centric security and defensive AI that reduces false positives while scaling protection.

Industry leaders are responding by tightening AI governance and data classification frameworks. Only 18% of surveyed firms have fully integrated AI policies into their insider‑risk programs, highlighting a critical gap. Best‑practice recommendations now emphasize behavioral intelligence, identity‑centric controls for both users and AI agents, and continuous monitoring of shadow AI usage. By treating AI as an operational insider, organizations can close exposure gaps, protect intellectual property, and ultimately curb the escalating financial impact of insider incidents.