Organisations across the Asia Pacific (APAC) region are experiencing insider-driven cyber incidents more frequently than their counterparts in North America and Europe. This highlights a growing and persistent source of business risk linked to human behaviour, according to new research from Mimecast, a global leader in managing human risk.
Mimecast’s State of Human Risk 2026 study found that APAC organisations experience an average of around eight insider-driven data exposure, loss, leak or theft incidents per month, compared with approximately six incidents per month in Europe, the Middle East and Africa (EMEA) and five in North America. While the average cost per insider-driven incident is broadly consistent across regions at around US$13.1 million, the higher frequency of incidents in APAC significantly amplifies cumulative financial, operational and reputational impact.
Insider-driven incidents, which can stem from compromised credentials, negligent actions or inadvertent mistakes by employees, are increasingly being recognised as a regular feature of the cyber threat landscape rather than isolated or exceptional events. In APAC, the research suggests that the sheer frequency of such incidents is becoming a defining risk factor for organisations operating at scale.
The study also found that 64% of APAC respondents expect insider-driven data loss to increase at their organisation over the next 12 months, indicating growing concern that existing controls may struggle to keep pace with the complexity of modern working environments. Large workforces, distributed teams and high volumes of daily communications are expanding the number of opportunities for insider-driven exposure.
Over half of APAC organisations (53%) are already using AI-driven behavioural or sentiment analysis to identify potential insider threats, reflecting growing efforts to detect suspicious activity linked to human behaviour.
“What differentiates APAC is not that insider-driven incidents are more costly than elsewhere, but that they are happening more often,” said Nicky Choo, Vice President and General Manager, APAC, Mimecast. “When organisations are dealing with insider incidents on a recurring basis, the cumulative impact on operations, customer trust and regulatory exposure becomes significant. This reinforces that human-driven cyber risk is not an abstract problem, it is an ongoing business challenge for organisations across the region.”
According to the research, APAC organisations are operating within increasingly complex digital environments characterised by large, distributed workforces and high volumes of day-to-day communication and data exchange. As organisations grow and adopt new ways of working, insider risk is being shaped less by single points of failure and more by the interaction between people, processes and visibility across digital systems.
The findings indicate that while organisations globally face similar per-incident costs when insider-driven incidents occur, APAC’s elevated incident frequency places additional pressure on security teams, incident response processes and governance structures. Over time, this can translate into greater exposure to regulatory scrutiny, prolonged operational disruption and erosion of stakeholder confidence.
Mimecast’s State of Human Risk 2026 study is based on responses from IT and security decision-makers across APAC, North America and EMEA, and examines how human behaviour, insider activity and organisational practices are influencing today’s cyber risk landscape. The research highlights the need for organisations to better understand and manage insider risk as a core component of their overall cyber resilience.