For many years external security threats received more attention than internal security threats, but the focus has changed. While viruses, worms, Trojans and DoS are serious, attacks perpetrated by people with trusted insider status—employees, ex-employees, contractors and business partners—pose a far greater threat to organizations in terms of potential cost per occurrence and total potential cost than attacks mounted from outside. The reason insider attacks "hurt" disproportionately is that insiders can and will take advantage of two important rights: trust and physical access.

The link for this article located at CSO Online is no longer available.