SearchSecurity's Article quotes some research, from AFCOM and D&T among others, that seem to indicate that insider threats aren't the biggest worry.
Have to say that surprises me. Having been inside plenty of large corporations and seen where the problems occur, insiders do, indeed, pose a real and substantial threat.
Some reasons for the low report numbers could be attributed to companies desire to keep internal attacks quiet and unreported. Another contributor? Most organizations are doing more monitoring and forensic work on external attack vectors. If your web site goes down, the whole world knows about it and you're going to do mitigation and investigative work to keep it from happening again. If an employee runs off with some R&D plans and sells them to the competition, the forensic work can be a lot hard to complete.
In other words, I think a lot of internal attacks are 'under the radar' and therefore not hitting survey results like these.
Posted by Diana at June 18, 2003 07:52 AM