Insider threats, those where regular employees wreak havoc within a company, intentionally or otherwise, are considered a top threat among many organisations.
This was concluded in SolarWinds' newest whitepaper, which says many businesses are spending increasing amounts of money, buying new tools in hopes of staying secure, but are effectively achieving very little in terms of security.
Almost two thirds of organisations (62 per cent) claim regular employees (non-c-suite) make mistakes that contribute most to cyberattacks. To improve security, organisations will need tools to help them reduce deliberate and malicious attacks, as well as to avoid accidental misconfigurations, the whitepaper argues.
Sure, monitoring tools are essential to guard from large external threats, but that doesn't mean basic cyberhygiene should be neglected, the report adds.
“Cybercriminals now operate as part of a well-oiled machine that can easily crank out a variety of attacks that are both random and focused in nature,” says Tim Brown, vice president of security, SolarWinds. “But in reality, an equally dangerous and even more imminent threat exists: internal users. Between mistakes and technology deployment misconfigurations, organizations are finding themselves highly susceptible to threats that are perpetuated from the inside, leaving themselves effectively wide open to attacks.”
Besides tools and cybersecurity solutions, employee education remains among the top priorities for businesses. Mistakes can happen to everyone, but employees should be taught to be extra careful when they receive an email entitled “Invoice”, or when they get shared a link from an unknown sender.
Image Credit: Sergey Nivens / Shutterstock