Each survey describes the persistent and pernicious insider problem of many employees inadvertently or purposely putting their organizations at risk. However, these surveys can be inconsistent, especially the ones that compare the number of external attacks to internal attacks (from employees, etc.). Some surveys show a huge number of external attacks, while others show a preponderance of the latter.
When discussing this threat with management, emphasize the need to defend against both insiders and outsiders, and how to leverage some tools across both threats, while using other tools that focus predominantly on one or the other. If you put all of your defensive eggs in the outsider threat basket, your organization could be in serious peril. Thus, a blended approach is vital.
Dig Deeper on Security Awareness Training and Internal Threats-Information
Related Q&A from Ed Skoudis
At Black Hat 2006, researcher Joanna Rutkowska unveiled a piece of machine-based malware called the Blue Pill. But is it a serious threat to your ...continue reading
Wi-Fi on airplanes seems like it will be unavoidable in the future, but what security risks does it pose? In this security threats expert response, ...continue reading
There are some rare forms of malware that antivirus software doesn't pick up on, but there are some good tools to remove all sorts of malware.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.