Are Cyber Risks Greater on the Inside or Outside? Does it Matter?

October 18, 2013 John Worrall

When it comes to cyber threats – what should businesses be most concerned with?  Insider attacks?  External cyber-attackers?  Nation-based attacks?  Accidental breach?  It’s a question that’s turned over frequently in the industry and one businesses struggle with.

Gregory Millman of the Wall Street Journal recently had a great article that dealt with this question by looking at a recent spate of security surveys that were supposed to shed light on the nature of data breaches and cyber-attacks.   Millman analyzed three surveys from some of the most reputable sources in our industry – Verizon’s Data Breach Investigation Report, Ponemon’s Cost of Data Breach study, and PwC’s Global State of Information Security Survey.

What he found was…different surveys say different things about the same problem.  In trying to identify the greatest cyber-threat facing business, Millman put it succinctly, stating, “One said outside attackers, another inside attackers, and yet another, mistakes and system errors.”

He goes on to provide some great insight into how businesses can generate meaning out of diverse opinions like this by questioning everything about the surveys – data sources, number jiggling, relevance, and more.

Excellent points – and speaking as a company that has generated a benchmarked annual Global Advanced Threat survey for 7 years running, we think this is great advice.

But back to the question that these surveys were supposed to answer – just what is the greatest risk business faces? Which survey is correct? How about all of them?

The problem these and other surveys have isn’t with the data.  It’s with the questions and the thought processes behind them.

The reality we face is that the enterprise perimeter no longer exists – cloud computing, BYOD, mobile devices, and disparate workforces have all helped erode the perimeter over the past 10 years. The attack surface has become extremely broad, and attack tactics like phishing and exploiting zero-days have become commonplace. So much so that it’s a safe assumption that external attackers are already inside, or have been inside, your network.

The cyber-threat has evolved to a point where it doesn’t matter where the attacks start – what matters is the pathway attackers use to steal your data. While the “Attacks are Coming From Inside The House!” headlines are sexy, to be informative, these surveys need to peel back another layer and look deeper at the commonalities that tie these attacks together.
