Is there any quantitative research that indicates whether insider or outsider-initiated cybersecurity events are more destructive? Or does the research, if it exists, show that there is no real difference between the two. I suspect the latter, but cannot find a definitive answer.