ARE YOUR SECURITY EFFORTS MISPLACED?
It is easy, while evaluating attack vectors, researching competitors and gauging the threat from organized crime or foreign adversaries, to conclude that external attacks should be the primary focus of defense. This conclusion would be wrong. The critical element is not the source of a threat, but its potential for damage. Evaluating threats from that perspective, it becomes obvious that although most attacks might come from outside the organization, the most serious damage is done with help from the inside. This survey highlights the importance of managing internal threats as the key to winning at cyber security.
Even advanced external adversaries try to focus on the easiest way to compromise an organization. Organizations’ increased focus on robust perimeters and locked down systems has made their servers more difficult to compromise, leaving insiders as the easiest attack vector available. Because organizations typically have a lot more insiders than servers, and it may take only one click on the wrong link or attachment to compromise an organization, adversaries have increasingly focused on insiders as a primary point of attack. This survey was designed to provide greater insights into the state of the art of insider compromise and what organizations can do to protect against this major threat lurking in most organizations.