Skip to main content

Annual Data Exposure Report 2023

Latest findings show Insider Risk is becoming increasingly complex to solve, but awareness is growing and companies are making investments to solve the problem.

Download PDF


Findings reveal Insider Risk is one of the hardest cybersecurity threats to detect

In past Annual Data Exposure Reports, Code42 has researched the key drivers of Insider Risk. In the 2023 edition, we wanted to understand the specific challenges related to building and maintaining Insider Risk technologies, training and programs. To explore this, we surveyed 700 respondents – cybersecurity leaders, managers and practitioners – from a range of US companies with 500 or more employees. The responses show there is an urgent need to overcome the challenges associated with managing Insider Risk – an issue that is becoming increasingly complex to solve.  Download the report today to see why.


Key findings from the report:


  • Companies estimate a 32% average increase in the number of insider-driven events they experience per month

    equating to 300 events per company per year – increasing the likelihood of data leakage and breaches.

  • CISOs rank Insider Risk (27%) as the most difficult threat to detect

    placing it above cloud data exposures (26%) and malware/ransomware (22%).

  • 76% of CISOs expect data loss from insider events to increase at their company in the next 12 months

    with ineffective technologies and programs are making it difficult to detect and mitigate threats.

  • The average cost of an insider incident is $16 million 

    making it essential to solve for Insider Risk to avoid catastrophic financial, reputational and compliance ramifications.