While many security professionals and budgets are focused on threats from external actors, the insider threat looms large. According to Vormetric, 89% of organisations are at least somewhat vulnerable to insider attacks. It states that privileged users are considered to be the most dangerous, primarily owing to their access to systems and information considered to be particularly sensitive.
This is echoed by research from those Ponemon Institute, which found that almost half of respondents believe the insider threat to be growing.
The insider threat can come from those inside the organisation that have had their credentials compromised, or are negligent or malicious. Increasingly, external actors are looking to gain a foothold on the network through social engineering exploits, often stealing credentials of a victim within the target organisation.