In a previous post, we took a look at the serious problem of insider threats. Accounting for 30 percent of all security breaches, insider threats include well-meaning users who make mistakes or work around security policies and insiders who attack company IT systems out of malice or for personal gain. The most expensive insider attacks involve credential theft, in which outside hackers steal legitimate usernames and passwords to gain access to IT systems.
Organizations are right to be concerned about shadowy hacker groups infiltrating their IT systems. According to Verizon’s 2020 Data Breach Investigations Report, 70 percent of security breaches can be traced to malicious external actors. Organized criminal groups were behind 55 percent of breaches, and 86 percent of breaches were financially motivated.