Never mind the hacker outside, beware the hacker within

“About 70 to 80 percent of information security breaches in organizations are caused by the firms’ own employees, and not by outside hackers,” says Arie Danon, CEI of information security company Symantec Israel. “It is customarily thought that the danger to an organization is from some crazy bored hacker sitting at home looking for a site to vandalize, but in most instances this is not the case,” says Danon. “Most breaches and failures of information security in organizations are caused by its employees, whether maliciously, because the employee wants to take revenge on the organization or because he has found an easy way to make money, or by accident, when employees don’t follow information security procedures and cause information leaks from the organization, a very common phenomenon.” In recent years Symantec, which purchased the Norton Anti-Virus software program, has diverted the focus from the home market to the organizational market. In the past four years, sales to the home market have dropped from 70 percent of total sales to 40 percent, and the trend is likely to continue. This is no accident. The Gartner research company announced this week that most organizations worldwide will invest more than 5 percent of their information technology (IT) budgets on information security – an all-time high. Organizational spending on security has grown by 28 percent annually since 2001, while IT budgets have grown by just 6 percent per year over the same period. Full Story