(MSPAlliance) – Most companies spend most of their IT security budgets on traditional methods to protect against external attacks. However, threats from insider attacks are on the rise and most remain undetected.
Before 2002, disgruntled employees, usually ones who recently had been disciplined, were responsible for the vast majority of insider attacks. Since then, the primary culprits have been trusted employees at high levels of companies.
These employees are not looking just to damage the company, but mainly for personal gain from taking sensitive data. Companies face the usual damages of lost confidential data and intellectual property, damaged or destroyed critical information assets, severed communication and costly downtime.
Most IT security plans are primarily devoted to protecting the perimeter, while most insider attacks, such as an employee downloading sensitive data onto a USB key-fob, are almost impossible to spot. The solution is to focus on protecting IT assets from the ground up, from every threat, through the correlation of data. Companies should plan IT security with a single, comprehensive view of IT risk from both external and internal threats.