Better definition of insider - TechRepublic
General discussion
May 19, 2009 at 08:40 AM
shawn.fergason

Better definition of insider

by shawn.fergason . Updated 17 years, 1 month ago

I believe that the majority of network threats occur from discontent employees and unknowing users. Discontent employees and insider appears to be synonymous by definition. But the term insider does not appear to address unknowning users.

From what I have observed most organizations invest in firewalls that will secure public facing services. These same organizations will attempt to set and keep a patch SLA. Where most organizations appear to fail to mitigate their exposure to risk is with remote and internal users. These users are more likely to download or bring in a threat that can then be used to compromise a system and/or network.

Threats may be developed externally but the majority of exploits appear to originate from an ignorant insider. If security specialists defined the origination of the breach, internal or external, than I would suspect that 80% of breaches start inside verus 20% outside.

This discussion is locked

All Comments