The threat within trumps external risks

While CIOs and CSOs are often concerned with the threat of viruses and other external sources of danger, a new study from the U.S. Computer Security Institute (CSI) concludes that company insiders should be a bigger focus in efforts to protect networks. CSI released its annual Computer Crime and Security Survey for 2007 in which 494 security professionals from U.S. corporations and government agencies were interviewed. Insider incidents were cited as having occurred by 59 percent of respondents, while only 52 percent said they had encountered a conventional virus in the previous year. Both insider and virus incidents have been falling since a high in the year 2000, but this is the first time insider incidents have been more reported than viruses. Other incidents on the rise include: laptop and mobile device theft and targeted attacks, especially those where organizations felt they had been specifically singled out for attack.

For more updates on security:
- see the article in InfoWorld