Internal Threats Now Dominate Cybersecurity Incidents, New Data Shows
Internal threats have overtaken external attacks as the leading cause of cybersecurity incidents, accounting for 57% of all cases, a first in recent years, according to new research from Orange Cyberdefense. The findings, highlighted by Tech Radar, reveal a sharp rise in insider-related risks, driven by employee misuse, shadow IT, and exploitation of routine behaviors.
Key drivers of the shift:
- Employee misuse makes up 45% of internal incidents, surpassing hacking (31%).
- Shadow IT, the use of unauthorized tools, has become a major vulnerability, with 53% of incidents involving employee devices.
- Identity-based attacks have surged, rising from 10% to 17% of cases.
Carl Morris, Senior Security Researcher at Orange Cyberdefense, emphasized that policy workarounds and lax controls are increasingly exploited by attackers, making internal threats as damaging as sophisticated external breaches. The report underscores the need for organizations to strengthen access controls and adopt multi-factor authentication to mitigate growing risks.
The data reflects a broader trend: as external defenses improve, attackers are pivoting to human-centric vulnerabilities within organizations.
Source: https://www.scworld.com/brief/internal-threats-now-pose-the-biggest-risk-to-companies
Orange Cyberdefense cybersecurity rating report: https://www.rankiteo.com/company/orange-cyberdefense
{
  "id": "ORA1777999109",
  "linkid": "orange-cyberdefense",
  "type": "Cyber Attack",
  "date": "5/2025",
  "severity": "60",
  "impact": "3",
  "explanation": "Attack with significant impact with internal employee data leaks"
}
{'attack_vector': ['Employee misuse', 'Shadow IT', 'Identity-based attacks'],
 'description': 'Internal threats have overtaken external attacks as the leading cause of cybersecurity incidents, accounting for 57% of all cases. The findings reveal a sharp rise in insider-related risks, driven by employee misuse, shadow IT, and exploitation of routine behaviors.',
 'lessons_learned': 'Organizations need to strengthen access controls and adopt multi-factor authentication to mitigate growing risks from internal threats.',
 'post_incident_analysis': {'root_causes': ['Employee misuse (45% of internal incidents)',
                                            'Shadow IT (53% of incidents)',
                                            'Identity-based attacks (17% of cases)']},
 'recommendations': ['Strengthen access controls',
                     'Adopt multi-factor authentication'],
 'references': [{'source': 'Orange Cyberdefense'}, {'source': 'Tech Radar'}],
 'title': 'Internal Threats Dominate Cybersecurity Incidents',
 'type': 'Insider Threat',
 'vulnerability_exploited': ['Policy workarounds',
                             'Lax controls',
                             'Unauthorized tools']}