Insider Threat: Disconnect Between Staff and CIOs

When it comes to the root cause of organizational data breaches (and the common disconnect between staff and CIOs), one of the most underestimated threats is insider risk.

High-profile breaches at Facebook, Marriott, and Equifax (and, more recently, a spike in insider threats in 2025) all involved employee errors—sometimes unintentional—which underscores how negligence, inattention, or gaps in cybersecurity awareness often play a larger role than outright malicious insider actions. A recently-updated Egress study on insider threats highlights that these non-malicious human mistakes are far more common breach drivers than criminal insiders.

To investigate this problem, Egress examined both employer and employee perspectives. Not surprisingly, a profound disconnect emerged—on problem awareness, ownership, and responsibility.

The results of the survey emphasize a growing disconnect between IT leaders and staff on data security, which ultimately puts everyone at risk. While IT leaders seem to expect employees to put data at risk, they’re not providing the tools and training required to stop the data breach from happening.

Tony Pepper, CEO, Egress Software Technologies

IT Leaders vs. Employees: The Divide

Statistics reflect the following:

Accidental Breaches:

  • 79% of IT leaders reported employees risking company data in the past year; the dominant cause (45%) was emailing information to the wrong recipient

  • In contrast, 92% of employees denied breaking data policies accidentally, and 91% rejected intentional wrongdoing

  • Moreover, 60% of leaders anticipate at least one accidental breach within the next 12 months. Of the admitted accidental sharers, 48% were rushed, 30% cited pressure, and 29% blamed exhaustion

  • Alarmingly, 35% didn't realize the data was sensitive—highlighting inadequate awareness training

Intentional Breaches:

  • 61% of employers believe malicious leaks occurred

  • 30% attribute leaks to harmful intent, 28% to financial gain

  • Only 8% of employees admitted deliberately sharing information, and 23% of them took data to new jobs

  • Among the purposeful sharers, 55% claimed their organization did not provide secure sharing tools

2025: The Numbers You Need to Know

  • 74% of security breaches in 2025 still involve a human element, whether through error or phishing

  • In fact, 95% of all data breaches are attributed to human error

  • Accidental insiders alone were responsible for 60% of insider-origin breaches

  • 12% of employees took sensitive intellectual property upon leaving—mirroring Egress’s findings

  • The average data breach now costs US $4.88 million, up 10% from 2023

  • It takes an average of 204 days to detect a breach and another 73 days to contain it

  • Organizations using AI and automation discovered and contained breaches 108 days faster, saving on average US $1.76 million

  • 82% of breaches involve cloud-stored data; 86% involve stolen credentials

  • 32% of cyber incidents involve data theft rather than encryption, with 124% more exploitation attacks compared to the prior year

  • Third parties are involved in 30% of breaches—double last year’s rate

Takeaway: Human Risk Remains the Disconnect Between Staff and CIOs

Security leaders now rank human risk above tech gaps, with 79% noting that collaboration tools pose new threats and 81% concerned about generative AI leaks.

We recommend that organizations:

  • Intensify human-risk training – simple awareness isn't enough. Reinforce it routinely.

  • Provide secure tools for data sharing—cloud, encryption, and identity controls.

  • Implement AI-driven monitoring to proactively detect anomalous behavior

  • Prioritize third-party risk—perform thorough vetting and continuous monitoring

Conclusion

The gap between employers and employees on data security responsibility is stark—and costly. With 95% of breaches tied to human error, organizations must rethink their internal defense strategy.

A combination of comprehensive awareness training, secure tools, and regular penetration testing will help turn insider threats from a blind spot into a managed risk.
