ORGANIZATIONS in Asia-Pacific (APAC) are experiencing more frequent insider-driven cyber incidents than their counterparts in North America and Europe, according to a study released March 17.
The report found that companies in the region face an average of about eight insider-related data exposure, loss, leak or theft incidents per month, compared with around six in Europe, the Middle East and Africa and five in North America.
The study said the higher frequency of incidents in Asia-Pacific increases cumulative financial, operational and reputational risks, even as the average cost per incident remains similar across regions at about $13.1 million.
Insider-driven incidents include cases involving compromised credentials, employee negligence or unintended errors. The report said these are becoming a routine feature of the cyber threat landscape rather than isolated events.
It added that 64 percent of respondents in Asia-Pacific expect insider-driven data loss to increase within the next 12 months, indicating concerns that existing controls may not keep pace with evolving work environments.
More than half of organizations in the region, or 53 percent, said they are using artificial intelligence-driven behavioral or sentiment analysis to identify potential insider threats.
“What differentiates APAC is not that insider-driven incidents are more costly than elsewhere, but that they are happening more often,” said Nicky Choo, vice president and general manager, Asia Pacific.
“When organizations are dealing with insider incidents on a recurring basis, the cumulative impact on operations, customer trust and regulatory exposure becomes significant,” he added.
The report said the increase in incidents is linked to more complex digital environments, including large, distributed workforces and high volumes of daily communication and data exchange.
It noted that the frequency of incidents is placing additional pressure on security teams, response processes and governance structures, potentially increasing exposure to regulatory scrutiny and operational disruptions over time.
The study is based on responses from IT and security decision-makers across Asia-Pacific, North America and Europe and examines how human behavior and insider activity affect cyber risk.
