Insider vs. External Threats: The Greatest Threat Lurks Within

by Tim Brown, vice president of security, SolarWinds

The cybersecurity landscape is more sophisticated now than ever before; from spear-phishing to malware and ransomware, cybercriminals continue finding new ways to compromise businesses. While it’s never been easier for cybercriminals to conduct both random and focused attacks, in reality, an equally dangerous and even more imminent threat exists: internal user mistakes and technology deployment misconfigurations that leave businesses vulnerable to attacks.

SolarWinds recently released findings from a new IDC white paper, which found that organizations are prioritizing security in terms of budget and tool adoption but are vulnerable to even greater risks that exist within their organizations. The white paper, Affordable Tools and Shared Responsibilities Define Midmarket IT Security Trends is based on a survey of both IT and non-IT respondents on their organizations’ cybersecurity practices, designed to explore the threat landscape. The survey revealed an alarming trend: nearly 62 percent of survey respondents cited user errors as the top cybersecurity threat within the company, claiming that user mistakes contributed to the largest attack exposure.

Vulnerability to Insider Threats is Mounting

More than 50 percent of survey respondents claimed that employees (excluding privileged users and executives) pose the biggest risk for insider abuse and misuse. Below employees, contractors (41 percent) and privileged IT admins (31 percent) were the next biggest threats.

Fewer than half of survey respondents (47 percent) cited external bad actors infiltrating the network and systems as the leading cause of cybersecurity issues. Organizations have demonstrated progress when it comes to defending against external threats but are still vulnerable to increasingly risky insider threats.

Overconfidence in Skillsets

In addition to the mounting risks associated with insider threats, survey results also found that cybersecurity teams are often overconfident when it comes to their abilities to defend their IT environments and must continue to pay equal attention to protective strategies.

When asked about technologies used to protect organizations from external and internal threats, only 32 percent cited endpoint protection and 27 percent cited patch management. This lack of patch management activity and reduced focus on network endpoints is alarming, as these basic cyberhygiene best practices must be combined with detection to help ensure that the “front door” is not left open.

The Cost of Proactivity

Although detection or monitoring tools are in place at most midmarket companies, protective practices need additional focus. The primary tactic used to respond to and recover from incidents is backup and recovery (79 percent). The majority of the midmarket isn’t able to fund or conduct extensive forensic analysis activities leading to any patient zero identifications (28 percent).

While organizations are working to dedicate more budget toward solutions and tools to improve security measures, the tools are often cost-prohibitive. Sixty-five percent of respondents reported plans to increase their security spending in 2019, but midmarket companies are still price conscious when it comes to security investments. Fifty-four percent of respondents claimed they would be able to improve their cybersecurity posture if security solutions were more affordable.

As this survey shows, cybersecurity is a significant challenge for most organizations and midmarket companies are working tirelessly to defend against threats. The survey key findings point to the need for affordable, accessible security solutions to combat both external and internal attacks, or businesses run the risk of vulnerabilities turning into devastating attacks.

Source: SolarWinds

FAIR USE NOTICE: Under the "fair use" act, another author may make limited use of the original author's work without asking permission. Pursuant to 17 U.S. Code § 107, certain uses of copyrighted material "for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright." As a matter of policy, fair use is based on the belief that the public is entitled to freely use portions of copyrighted materials for purposes of commentary and criticism. The fair use privilege is perhaps the most significant limitation on a copyright owner's exclusive rights. Cyber Defense Media Group is a news reporting company, reporting cyber news, events, information and much more at no charge at our website Cyber Defense Magazine. All images and reporting are done exclusively under the Fair Use of the US copyright act.

Global InfoSec Awards 2022

We are in our 10th year, and these awards are incredibly well received – helping build buzz, customer awareness, sales and marketing growth opportunities, investment opportunities and so much more.


10th Anniversary Exclusive Top 100 CISO Conference & Innovators Showcase