Global cybersecurity company Mimecast reports that organizations in Asia Pacific (APAC) are dealing with insider-driven cyber incidents more often than those in North America and Europe, pointing to rising risks tied to human behavior.
Findings from the State of Human Risk 2026 study show APAC organizations face about eight insider-related incidents per month, compared with roughly six in Europe, the Middle East and Africa (EMEA), and five in North America. These incidents include data exposure, leaks, loss, or theft caused by compromised credentials, employee mistakes, or negligence.
While the average cost per incident remains consistent at $13.1 million globally, the higher frequency in APAC increases the overall financial, operational, and reputational damage for companies in the region. For many businesses, insider threats are no longer isolated events but an ongoing cybersecurity challenge.
“What differentiates APAC is not that insider-driven incidents are more costly than elsewhere, but that they are happening more often,” said Nicky Choo, vice president and general manager, APAC, Mimecast. “When organizations are dealing with insider incidents on a recurring basis, the cumulative impact on operations, customer trust, and regulatory exposure becomes significant. This reinforces that human-driven cyber risk is not an abstract problem, it is an ongoing business challenge for organizations across the region.”
The study found that 64% of APAC respondents expect insider-driven data loss to increase in the next 12 months, suggesting that current security controls may struggle to keep up with complex, modern work environments. Factors such as large workforces, remote teams, and high communication volumes are increasing exposure risks.
To address this, 53% of APAC organizations are using AI-driven behavioral or sentiment analysis to detect potential insider threats, showing a shift toward proactive monitoring.
Mimecast said the growing scale and complexity of digital operations are making insider risk harder to manage, putting more pressure on security teams and increasing the likelihood of regulatory scrutiny and business disruption.