General discussion


Better definition of insider

By Shawn.Fergason ·
I believe that the majority of network threats occur from discontent employees and unknowing users. Discontent employees and insider appears to be synonymous by definition. But the term insider does not appear to address unknowning users.

From what I have observed most organizations invest in firewalls that will secure public facing services. These same organizations will attempt to set and keep a patch SLA. Where most organizations appear to fail to mitigate their exposure to risk is with remote and internal users. These users are more likely to download or bring in a threat that can then be used to compromise a system and/or network.

Threats may be developed externally but the majority of exploits appear to originate from an ignorant insider. If security specialists defined the origination of the breach, internal or external, than I would suspect that 80% of breaches start inside verus 20% outside.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Related Discussions

Related Forums