惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

P
Palo Alto Networks Blog
S
Security Affairs
T
Tor Project blog
T
Threatpost
Hacker News - Newest:
Hacker News - Newest: "LLM"
C
Cyber Attacks, Cyber Crime and Cyber Security
The Hacker News
The Hacker News
A
Arctic Wolf
K
Kaspersky official blog
O
OpenAI News
Spread Privacy
Spread Privacy
人人都是产品经理
人人都是产品经理
爱范儿
爱范儿
Simon Willison's Weblog
Simon Willison's Weblog
雷峰网
雷峰网
P
Privacy & Cybersecurity Law Blog
Know Your Adversary
Know Your Adversary
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Last Week in AI
Last Week in AI
Martin Fowler
Martin Fowler
量子位
博客园_首页
Cyberwarzone
Cyberwarzone
博客园 - 三生石上(FineUI控件)
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
IT之家
IT之家
N
News and Events Feed by Topic
博客园 - 司徒正美
V2EX - 技术
V2EX - 技术
S
Schneier on Security
博客园 - 叶小钗
Attack and Defense Labs
Attack and Defense Labs
AI
AI
Application and Cybersecurity Blog
Application and Cybersecurity Blog
博客园 - 【当耐特】
Jina AI
Jina AI
C
CXSECURITY Database RSS Feed - CXSecurity.com
C
Cybersecurity and Infrastructure Security Agency CISA
D
Darknet – Hacking Tools, Hacker News & Cyber Security
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
大猫的无限游戏
大猫的无限游戏
Cloudbric
Cloudbric
H
Hacker News: Front Page
The Last Watchdog
The Last Watchdog
V
V2EX
S
SegmentFault 最新的问题
V
Visual Studio Blog
PCI Perspectives
PCI Perspectives
Microsoft Security Blog
Microsoft Security Blog

Latest from TechRadar in Security

Robots are fighting wars and helping to quash riots — China is arming riot police with squads of AI controlled drones and Ukraine wants to man the frontlines with 25,000 robots US security agency still using Mythos despite ban – government using new security tool despite Pentagon's… Struggling to launch Teams? Microsoft recalls update causing failed startup and infinite loading loops –… How to meaningfully measure the effectiveness of cyber resilience 'We've identified a security incident': Vercel breach confirmed after hackers claim stolen data for sale… How EU organizations can turn sovereign cloud theory into action 'Update immediately': 60,000 WordPress websites at risk after experts discover flaw that allows hackers to… 'They mopped the floor with me and pulled every childish game they could': Disgruntled researcher releases second major Windows zero-day — claims Microsoft 'would ruin my life, and they did' 'As threats evolve, Gemini keeps our defenses one step ahead': Google claims its AI helped it block over 8.3… Cisco tells Webex users to patch critical security flaws immediately, as experts find its Wi-Fi boxes may be filling their disks with undeletable data every day Microsoft experts warn North Korean attackers target macOS users with 'a highly reliable infection chain' to steal passwords, financial data and more — here's how to stay safe Solving the shadow IT crisis in travel Agentic swarms will change how everyone uses AI – but how can organizations deploy them securely? Europol launches Operation PowerOFF — warns 75,000 DDoS users and takes down 53 domains China completes testing on ‘deep-sea electro-hydrostatic actuator’ capable of slicing undersea cables as deep as 3.5 kilometers – new compact subsea vessel testing bridges the ‘last mile’ and could deploy in 2026 Many are still leaving the door open': Security experts warn FIFA World Cup partners could be putting customers at… 'Anyone with $10 could have walked straight through': Report warns this legit-looking software is actually… An ancient Microsoft Excel security flaw could let hackers hijack your entire system, so patch now 'This is not a traditional coding error': Experts flag potentially critical security issues at the heart of Anthropic's MCP, exposes 150 million downloads and thousands of servers to complete takeover Your OpenClaw agents can empty your inbox and leak your data. Here's how to secure them Russia hits European thermal power plant in attempted ‘destructive’ cyberattack – Pro-Kremlin hackers are engaging in ‘riskier and more reckless behavior’ in latest attempt to cripple Western critical infrastructure The war in Iran is reaching cyberspace - here’s how to prepare Millions of hotel goers may have been exposed after hackers steal data and leak it on Telegram 'Every Apple user needs to know about this nasty scam': Fake warnings tell users their iCloud data will be… Dozens of WordPress plugins hijacked to target thousands of sites 'We are currently being extorted' — crypto giant Kraken says it is facing extortion attack, here's… McGraw Hill becomes latest to see its Salesforce data hacked Over 100 Chrome Web Store extensions found stealing user data from thousands of accounts OpenAI reveals its Mythos rival designed for cybersecurity pros When cyberattacks are inevitable, recovery becomes the strategy Closing the cloud complexity gap 'It's more common than you think': Experts reveal how hackers are trying to hijack your inbox with these… 'This wasn’t just phishing — it was a full-service cybercrime platform': FBI reveals takedown of notorious W3LL phishing operation targeting thousands of victims From cloud to Agentic AI: Why security must evolve faster than innovation Basic-Fit gym group data breach exposes details of over 1 million members — here's what we know ‘Authorities can ask them to hand over data’: Report claims over 80% of Europeans don’t trust US and Chinese businesses to handle their data – Europe is desperate for homegrown AI, cloud, and telecoms as the rift with the US grows Booking.com confirms reservation data breach — tells customers hackers 'may have been able to access certain… Agility is the key to protecting against Malware-as-a-Service (MaaS) Rockstar hackers publish 78.6 million stolen records — but many of us will be disappointed Adobe issues emergency security patch — Reader and Acrobat users need to update now What 2025 taught us about the importance of resilience in retail Governing the hidden risks of generative AI in the enterprise Russia launched a covert operation to deploy undersea sabotage vessels in UK waters while the world was distracted by the Middle East - UK threatens Putin with ‘serious consequences’ if subversion continues 'Industrial-scale scam operations': Global criminal organization operated slave compounds in Asia behind huge malware-as-a-service hydra targeting 35+ government agencies monthly OpenAI flags third-party data issue — all macOS users should update now Hackers use Claude and ChatGPT in 'a significant evolution in offensive capability' to breach government agencies, leak hundreds of millions of citizen records 'This is not your typical run-of-the-mill malware': CPUID download page hacked and tools replaced with links… How businesses can turn AI pilots into scalable solutions ‘No Decision’ is the new breach: Why inaction is becoming a career risk for CISOs in 2026 Rockstar confirms major third-party data breach: GTA VI maker says 'no impact on our organization or our… '$15K bill destroyed a solo developer’s startup': How hackers are using leaked Google API keys to… Adobe Reader users beware — experts flag months-old security flaw using booby-trapped PDFs to scope out victims Top WordPress Slider plugin hijacked to spread malware — here's what to look out for No, Elon Musk doesn't want to give you a $5,000 tax refund — it's a scam, here's what to look out… ‘It’s a potential national security threat’: Proton study finds over 3,500 US legislators’ official emails leaked and exposed on the dark web Microsoft warns worrying security flaw exposed over 50 million Android users, says 'user credentials and financial… Google Chrome rolls out a new tool to try and stop infostealer malware in its tracks Breach exposes sensitive LAPD files stored in city attorney system ‘FlamingChina’ hacker claims to have stolen over 10 petabytes of advanced military data from China’s National Supercomputing Center in possibly the biggest hack of all time Mac users beware — experts say this attack 'stood out immediately' by making a major change to try… Now that's different - hackers use miniature SVG images to try and hide credit card stealer Closing the implementation gap in America's cyber strategy UK NHS chief champions Palantir’s 'outstanding results’ in England, pushes for deeper rollout despite… French email provider accidentally leaked 40 million records — L’Oreal, Renault, French government data… Tame your AI gremlins before the chaos becomes permanent NHS Scotland domains reportedly found serving adult content and illegal sport streams 'This creates a layered form of obfuscation': New report says criminals are using emojis to avoid detection Top open source AI platform Flowise hit by maximum-level security issue US agencies warn Iranian hackers are targeting American critical infrastructure — causing 'disruptive effects… Third-party integration tool Anodot data breach hits Snowflake customers Always-on AI Agents put everything hackers could ever want behind a single attack surface When infrastructure decisions shape growth outcomes 'This puts organizations at risk of credential theft, data manipulation and broader compromise': UK government, Microsoft warn Russian hackers are hitting TP-Link home routers to hijack internet traffic 'A new frontier model trained by Anthropic that we believe could reshape cybersecurity': Project Glasswing wants to use AI to prevent AI cyberattacks — but will 'overeager' Claude Mythos do more damage than help? Microsoft flags China-based hackers using vicious new 'rapid attack' zero-days to launch ransomware at targets… 'By combining trusted platforms with legitimate tools, the threat actor reduces visibility and increases the… 'Stolen session cookies render MFA irrelevant': How $900-per-month turnkey malware is putting enterprise-grade… 'Verify before you act': security expert reveals the simple steps you can take to stay safe from deepfakes I can't think of anything that's off limits to them': FBI slams cybercriminals for attacking schools,… 'I was not bluffing Microsoft, and I'm doing it again': apparently disgruntled researcher leaks worrying… Understanding the ‘espionage ecosystem’ threat Goodnight REvil and GandCrab? Police think they've identified two of the biggest cybercrime bosses around Why modern cyber conflict is partly a global skills challenge 'Your login credentials may already be slipping into the hands of a cybercriminal': Hackers target LinkedIn… SparkCat malware returns to target Android and iOS users, hiding in innocent apps to try and steal your details One of the largest corporate espionage and data breach scandals in digital history': New "BrowserGate" report claims LinkedIn secretly scans user browsers for installed extensions and collects device data This devious VENOM phishing campaign targets business executives by name — so watch what you click on Backups won’t save you from this version of ransomware Your marketing stack is an attack surface – is security watching? AI agents can only be trusted as Junior Engineers Top museums hit by apparent cyberattack on Vivaticket — Louvre and other institutions affected Uffizi galleries confirms it was hit by cyberattack — but claims nothing was stolen Time for an upgrade? Report warns outdated operating systems could be the 'unnecessary risk' your business… Building private AI: control, compliance and competitive edge 'Skipping a beat on resilience investment isn’t an option any more': IT incidents can cost firms huge amounts - here's how to stay on top of issues 'The most powerful weapon is not always a missile': How Iranian "Charming Kitten" hackers used old… 'Growing 3x faster than police staffing': Surge in cybercrime and new laws on ransomware payment could put UK… The invisible threat hidden in clear view: how Unicode characters are being weaponized to hide malicious commands from… Be careful what you click - hackers use Claude Code leak to push malware Hims and Hers reveal cyberattack — customer support system hacked and personal info stolen, here's what we…
The real cost of insider threats is not the incident: It’s the frequency
Nicky Choo · 2026-05-27 · via Latest from TechRadar in Security

While much of the cybersecurity conversation focuses on how AI is transforming external threats, many organizations in Asia Pacific are dealing with a more immediate issue: the growing frequency of insider-driven incidents.

For years, cybersecurity has been shaped by the idea of the “big incident”, a single, high-impact incident that disrupts operations, exposes sensitive data, and makes headlines. But that framing no longer reflects how risk plays out in many organizations today, particularly across Asia Pacific.

APAC Vice President and General Manager, Mimecast.

Recent research shows that organizations in APAC are experiencing insider-driven cyber incidents more frequently than their counterparts in North America and Europe. On average, companies in the region face around eight such incidents each month, compared with approximately six in EMEA and five in North America.

While the cost per incident is broadly consistent globally, the higher frequency in APAC changes the equation entirely.

The real issue is not the scale of any one exposure. It is the cumulative impact of many.

From exceptional events to everyday risk

Insider-driven incidents are no longer rare or exceptional. They are becoming a routine part of operating in a digital environment.

These incidents can take many forms. An employee shares sensitive data through an unauthorized channel. Credentials are compromised and used to access internal systems. A file is inadvertently exposed through a misconfigured platform. In most cases, there is no malicious intent. The risk emerges from how people interact with systems, data and tools in the course of doing their jobs.

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

What is changing is not just the nature of these incidents, but their frequency.

When organizations are dealing with multiple insider-driven events each month, the conversation shifts. This is no longer about preventing a single incident. It is about managing a continuous stream of exposure.

Why APAC is seeing more frequent incidents

The higher frequency of insider-driven incidents in APAC is not a coincidence. It reflects how organizations in the region are structured and how they operate.

Many companies across APAC manage large and geographically distributed workforces. Team collaboration across markets, time zones and digital platforms is common. Daily operations involve high volumes of communication and data exchange, often across a mix of on-premise systems, cloud storage environments and third-party applications.

This creates more opportunities for data to move and, with it, more opportunities for it to be mishandled, exposed or misused.

At the same time, organizations are rapidly adopting new tools to improve productivity, including AI tools that can access and process large volumes of information. While these tools bring clear efficiency gains, they also introduce new pathways for data exposure, often without corresponding visibility or control.

The result is an environment where insider risk is shaped less by isolated mistakes and more by the interaction between people, processes and increasingly complex digital systems.

The financial impact of insider-driven incidents is well understood. What is less often discussed is how that impact compounds over time.

Each incident carries a cost. But when incidents occur repeatedly, those costs accumulate across multiple dimensions.

Security teams are placed under constant pressure to investigate and respond. Incident response processes become stretched. Operational disruption becomes more frequent. Over time, this can erode efficiency and divert resources away from strategic initiatives.

There is also a broader impact on trust. Customers and partners expect organizations to manage their data responsibly. Repeated incidents, even if individually contained, can undermine confidence in an organization's ability to do so.

Regulatory exposure adds another layer of complexity. As governments across APAC strengthen requirements around data protection and privacy, organizations face increasing scrutiny. In Singapore, the Personal Data Protection Commission has stepped up enforcement under the Personal Data Protection Act, with organizations expected to demonstrate not just that incidents are contained, but that appropriate safeguards and processes are consistently in place.

Frequent incidents can therefore raise questions not just about technical controls, but about governance and oversight.

Why traditional approaches fall short

Many organizations continue to approach cybersecurity with a focus on external threats and technical vulnerabilities.

This approach remains important, but it does not fully address the nature of insider-driven risk.

Traditional models tend to assume that incidents are infrequent and can be managed as discrete events. They are designed to detect anomalies, respond to incidents, and restore systems to a secure state.

In an environment where incidents occur regularly, this model becomes less effective.

Responding to each incident in isolation does little to address the underlying patterns driving repeated exposure. Over time, organizations can find themselves caught in a cycle of detection and response, without reducing the overall level of risk.

Rethinking insider risk as a continuous challenge

To manage insider-driven risk effectively, organizations need to shift their perspective.

This starts with recognizing that insider risk is not an edge case. It is a core component of the modern threat landscape, shaped by everyday behavior and routine operations.

Visibility becomes critical — and increasingly, that means behavioral visibility. Organizations need to understand not just who is accessing data, but how. Sudden spikes in downloads, unusual transfers to personal applications, or attempts to disguise files by renaming them can all be early indicators of exposure. These signals are easy to miss when security teams are focused on perimeter threats, but they are often where insider risk first becomes visible.

Context is equally important. Not all actions carry the same level of risk. Understanding the intent, behavior and environment surrounding an activity allows organizations to prioritize what genuinely requires attention rather than chasing noise.

AI-driven tools add a further layer of complexity. As organizations across APAC adopt AI applications to improve productivity, these tools can access and process large volumes of sensitive information — often without corresponding visibility or controls. At the same time, AI can be a significant asset in detection, establishing behavioral baselines and surfacing anomalies that would be difficult to identify manually. The key is ensuring that AI adoption on the operational side is matched by AI-informed oversight on the security side.

Importantly, the goal is not to restrict employees but to support them. Research consistently shows that the majority of insider incidents are unintentional — the result of poor judgement or unfamiliar tools, not malicious intent. Employees should not be treated as the weakest link. They should be set up for success, with clear guidance, appropriate access, and a culture where reporting concerns feels safe rather than risky.

Managing risk at scale

As insider-driven incidents become more frequent, the challenge for organizations is not just prevention, but management at scale.

This means moving beyond reactive approaches towards models that can identify patterns, anticipate risk, and respond in a way that reduces overall exposure over time.

Zero trust principles are increasingly central to this. Limiting employee access to only what their role genuinely requires — and continuously reassessing those privileges as roles change — reduces the potential impact when an account is compromised or misused. Offboarding processes deserve particular attention. Employees who leave often retain access longer than they should, and those familiar with internal systems can represent a significant exposure window if that access is not promptly revoked.

It also requires stronger alignment between security, operations and governance. Insider risk does not sit neatly within a single function. It spans technology, people and process, and needs to be addressed accordingly. Insider risk needs to be treated as an ongoing program, not a periodic review or a compliance exercise.

In APAC, where organizations are operating in fast-moving and highly connected environments, this shift is particularly urgent. With large and distributed workforces operating across multiple markets, the conditions for insider risk are structural — building continuous risk management capability is not optional.

A different way of thinking about cyber risk

The narrative around cybersecurity has long been shaped by the idea of catastrophic events. While those events still matter, they are no longer the only, or even the primary, source of risk for many organizations.

In APAC, insider-driven incidents are happening more often, and that frequency is what makes them significant. When the average organization in the region faces around eight such incidents each month, the cumulative financial and operational impact adds up fast — even before factoring in the regulatory scrutiny that increasingly follows repeated exposure.

The question is no longer whether an incident will occur. It is how often, and how well organizations are prepared to manage the impact when it does. The organizations that manage this well will not necessarily be those with the largest security budgets. They will be those that treat insider risk as a continuous, evolving challenge — investing in the visibility, culture and controls that reduce exposure before incidents occur, not just responding after they do.

The organizations that succeed will not be those that simply prevent incidents, but those that understand and manage risk as a continuous, evolving part of doing business.

Because in today’s environment, the cost of insider risk is not defined by a single moment of failure. It is defined by how often that moment repeats.

We list the best ITSM tools, to make it simple and easy to improve your Information Technology Service Management.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit