A recent study on digital security claimed that 90% of companies surveyed reported ‘Insider abuse of Internet access’ while 50% had experienced unauthorized access by insiders and 40% by outsiders. These figures are certainly not trivial and highlight a problem that is only increasing in its magnitude.
For many years now industry analysts have been saying that most threats originate within the network with estimates going as high as 80% of attacks originate internally. However, the perception of most organizations is that protecting the perimeter is paramount and that securing the internal network is only a secondary or even tertiary concern. This may be true since the most malicious attacks do come from the outside in many forms; DoS attacks, Viruses, Worms, SYN floods etc. and to make them even more difficult to detect many of the attacks are fragmented.
All of this means that securing the perimeter with intelligent security applications is still of paramount importance but no less important is securing the internal network to complement the security devices at the gateway. Some companies have started shifting their security budgets to a more balanced investment between the perimeter and the internal network and this should increase as more and more companies realize the threat from within. Simple, easy to use solutions that can run in the background and provide intelligent security threat alerts that can be acted on immediately either by individuals or by the solution itself is a step towards hermetically sealing networks both from within and at the perimeter. These types of solution are as necessary to have as a firewall or Anti Virus solution but they must be complimentary and have minimal financial overhead to an already tightly budgeted IT Security department to be cost effective.
Promisec are exhibiting at Infosecurity Europe 2006. Held on the 25th – 27th April 2006 in the Grand Hall, Olympia, this is a must attend event for all IT professionals involved in Information Security.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.