Corporate security teams spend a large amount of their time and resources attempting to secure their systems from outside cyber-threats – that is, from hackers who are external to the corporate network, and who have no business being there.
Of course, it’s prudent for security teams to do so: according to Verizon’s 2019 Data Breach Investigations Report, almost 70% of confirmed data breaches are perpetrated from the outside. However, what about the remaining 30% of data breaches?
By a large margin, they were accomplished by employees acting from within their own networks. Of course, the objective of the external 70% is ultimately to gain internal access, making outside hackers into insider threats, too.
It goes without saying that any data breach is one too many – but with the high price tags attached to data breach mitigation and attendant regulatory non-compliance penalties, the avenues of risk are just too many for CSOs to ignore.
This white paper explores why CSOs need to understand the varying kinds of data breaches that can come both from within and without their own organisations.
