Rethinking cybersecurity from the inside out

May 26, 2026

By Francis Downey, Head of Sales, b4b Group

For years, businesses have been told to look outward when it comes to cyber risk and to focus their attention on hackers, phishing emails, and a wide range of increasingly sophisticated attacks. These safeguards remain important, but what if the greatest vulnerability isn’t outside your organisation at all? What if it’s already embedded in everyday behaviours, routine processes and the tools teams rely on to do their jobs?

The unfortunate reality is that cyber risk is no longer only an external problem.

Recent data from Orange Cyberdefense indicates that internal security incidents now account for 57% of all cases, overtaking external attacks and marking a significant turning point. It suggests that, despite growing investment in perimeter security, vulnerabilities inside organisations are becoming a more pressing concern.

Importantly, this rise is not solely driven by malicious insiders. In fact, a large proportion of incidents stem from everyday behaviours: employees who bypass established security protocols, use unauthorised applications, or access sensitive data inappropriately can inadvertently create exploitable gaps.

Employee misuse now accounts for 45% of confirmed incidents, underlining just how critical human behaviour has become in the overall risk profile.

At the same time, the proliferation of end-user devices is compounding the issue. Laptops and mobile devices are now involved in over half of all incidents. With hybrid and remote working firmly embedded across Northern Ireland’s business landscape, the traditional network boundary has all but disappeared.

Each device represents a potential entry point, and each user a potential vulnerability.

What is particularly striking is that this is not an issue confined to any one segment of the market. Both SMEs and large enterprises are experiencing similar levels of impact (43% and 45% respectively), reinforcing a key point – insider risk is universal, and no organisation is immune.

So, what needs to change?

Firstly, businesses must move beyond a purely defensive mindset. Cybersecurity should not be treated as a technical function alone; it must be embedded into organisational culture. This starts with user awareness. Employees need to understand not just what the rules are, but why they matter and how their actions contribute to overall risk.

Secondly, access controls should be tightened. Ensuring that individuals only have access to the data and systems necessary for their role significantly reduces exposure. Coupled with this, continuous monitoring of user activity is essential to identify unusual behaviour before it escalates into a serious incident.

Finally, governance needs to evolve in line with this new reality. Policies must reflect modern working practices, and organisations must have clear visibility across their entire digital environment.

This shift towards insider-driven risk isn’t a passing trend; it reflects a real change in where threats are coming from. Ultimately, managing cyber risk is no longer just about keeping threats out; it’s about making sure your business isn’t leaving the door open.

This article was originally published in The Irish News.

Author: Carly