Insiders are not, after all, the main threat to networks, a detailed new analysis of real-world data breaches has concluded.
Verizon's 2008 Data Breach Investigations Report, which looked at 500 breach incidents over the last four years, contradicts the growing orthodoxy that insiders, rather than external agents, represent the most serious threat to network security at most organizations.
Seventy-three percent of the breaches involved outsiders, 18 percent resulted from the actions of insiders, and business partners were blamed for 39 percent. The percentages exceed 100 percent because some involve multiple breaches, with varying degrees of internal or external involvement.
I've been wary of "business partners" for years... which is why they ALWAYS get firewalled onto their own segment. However, many companies who claim to be security vendors advocate allowing them directly into the internal and server segments. Scary... and stupid.