Organisations across Asia Pacific are experiencing insider-driven cyber incidents more frequently than their counterparts in North America and Europe, according to research published by Mimecast.
Mimecast’s State of Human Risk 2026 study found APAC organisations experience an average of around eight insider-driven data exposure, loss, leak or theft incidents per month, compared with approximately six incidents per month in Europe, the Middle East and Africa (EMEA) and five in North America. While the average cost per insider-driven incident was reported as broadly consistent across regions at around US$13.1 million, the higher frequency in APAC increases the overall financial, operational and reputational impact.
The report defines insider-driven incidents as those stemming from compromised credentials, negligent actions or inadvertent mistakes by employees. It argues such events are increasingly being treated as a regular part of the cyber threat landscape rather than isolated incidents.
The study found 64% of APAC respondents expect insider-driven data loss to increase at their organisation over the next 12 months. Mimecast linked that concern to factors including large workforces, distributed teams and higher volumes of daily communications, which expand opportunities for accidental or deliberate data exposure.
More than half of APAC organisations surveyed (53%) said they are using AI-driven behavioural or sentiment analysis to identify potential insider threats, the report said.
“What differentiates APAC is not that insider-driven incidents are more costly than elsewhere, but that they are happening more often,” said Nicky Choo, Vice President and General Manager, APAC, Mimecast. Choo said recurring incidents can compound impacts on operations, customer trust and regulatory exposure.
Mimecast said the findings suggest that APAC’s higher incident rate adds pressure on security teams, incident response processes and governance, potentially increasing exposure to regulatory scrutiny and disruption over time.
According to the report’s methodology statement, Mimecast commissioned Vanson Bourne to survey 2,500 IT security and IT decision makers across nine countries in November and December 2025. The survey covered organisations with more than 250 employees and more than 250 email users, ranging in size from 250 to more than 10,000 employees, across a mix of public and private sector industries.
