Concerns Rise Over Insider Risks As Organisations Focus on External Cyber Threats

Michael Olugbode in Abuja

Security analysts are warning organisations to rethink their approach to cybersecurity, arguing that an excessive focus on external attackers may be leaving a critical vulnerability largely unaddressed: threats originating from within the organisation itself.

According to a security operations analyst, Ruth Itua, insider risk remains one of the most underestimated challenges in modern cybersecurity frameworks, despite evidence that employees, contractors, and trusted partners can inadvertently or deliberately expose organisations to major breaches.

Industry discussions on cybersecurity often concentrate on sophisticated malware, foreign hackers, and large-scale cyberattacks.

While these threats remain significant, Itua noted that the attention given to them can obscure a more uncomfortable reality: some of the most damaging security incidents originate from individuals who already have legitimate access to internal systems.

Experts described insider risk not merely as isolated misconduct but as a structural issue tied to how organisations design their digital systems. 

As businesses increasingly digitise their operations and expand access to internal networks and databases, they also widen the potential attack surface. 

In many cases, access privileges are granted quickly to support productivity and collaboration, without fully accounting for the security implications.

Individuals operating within organisations are often treated as part of a trusted environment. 

However, this trust boundary can also create blind spots in traditional cybersecurity systems, which are typically designed to detect and block threats attempting to enter from outside networks rather than scrutinise activity already occurring within them.

Cybersecurity specialists generally classify insider threats into three broad categories: malicious insiders who intentionally misuse their access; negligent insiders who unintentionally compromise security through careless actions; and compromised accounts, where attackers gain control of legitimate user credentials.

While malicious insiders tend to attract the most attention, analysts say many incidents actually stem from routine workplace behaviours. 

These include clicking on phishing links, reusing passwords across multiple platforms, or responding to urgent but unverified digital requests. Such actions, experts argue, are often predictable outcomes of everyday working conditions rather than rare mistakes.

The pattern raises broader questions about organisational security design. Analysts say if employees consistently become entry points for attackers through common actions, the problem may extend beyond individual awareness and point instead to weaknesses in system configuration, workplace processes, and decision-making pressures.

Traditional cybersecurity tools such as firewalls, intrusion detection systems, and email filters remain essential but are largely designed around a clear distinction between external threats and internal activity. 

Once attackers gain access through legitimate user accounts, that distinction becomes blurred, making detection significantly more difficult.

Cybercriminals are increasingly exploiting this reality. Rather than attempting to force entry into systems, attackers often rely on social engineering tactics to obtain valid credentials or manipulate staff into granting access. By operating through legitimate accounts and mimicking normal behaviour, they can remain undetected for extended periods.

Analysts said this evolving threat landscape highlights the growing importance of the human factor in cybersecurity. Social engineering attacks are designed to exploit trust, routine workflows, and time pressure within organisations.

To mitigate insider risks, experts recommend measures such as implementing the principle of least privilege, which restricts user access to only what is necessary for their roles. Behavioural monitoring systems can also help organisations identify unusual patterns of activity that may indicate compromised accounts or misuse of access.
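The two controls recommended above, least privilege and behavioural monitoring, can be illustrated together in a small piece of detection logic. This is an added example, not code from the article or from any of the analysts quoted; the role-to-resource policy, the access log, the working-hours window and the "two reasons before flagging" threshold are all constructed assumptions for the demonstration.

```python
from collections import defaultdict

# Constructed least-privilege policy: the only resources each role should need.
ROLE_ACCESS = {
    "finance": {"ledger", "payroll"},
    "support": {"tickets", "crm"},
}

# Constructed access log, oldest first: (user, role, resource, hour_of_day, action).
EVENTS = [
    ("ada", "finance", "ledger", 9, "read"),
    ("ada", "finance", "payroll", 11, "read"),
    ("ada", "finance", "ledger", 10, "read"),
    ("bayo", "support", "tickets", 14, "read"),
    ("bayo", "support", "crm", 15, "read"),
    ("bayo", "support", "tickets", 16, "update"),
    ("ada", "finance", "crm", 3, "export"),   # outside role, at 03:00, bulk export
    ("bayo", "support", "crm", 15, "read"),   # routine in-role access, must not fire
]

WORK_HOURS = range(8, 19)  # assumed 08:00-18:00 working window

def least_privilege_violations(events):
    """Accesses to resources the user's role does not grant: misuse or a policy gap."""
    return [(u, r, res) for u, r, res, _, _ in events
            if res not in ROLE_ACCESS.get(r, set())]

def build_baselines(events, window):
    """Per-user profile from each user's first `window` events: resources and hours seen."""
    profiles = defaultdict(lambda: {"resources": set(), "hours": set(), "n": 0})
    for u, _, res, h, _ in events:
        p = profiles[u]
        if p["n"] < window:
            p["resources"].add(res); p["hours"].add(h); p["n"] += 1
    return profiles

def behavioural_anomalies(events, window=3):
    """Events after the baseline window that break the user's own pattern.
    An event is reported only when at least two signals coincide, so a single
    new resource during working hours does not page anyone."""
    profiles = build_baselines(events, window)
    seen, flagged = defaultdict(int), []
    for u, _, res, h, action in events:
        seen[u] += 1
        if seen[u] <= window:
            continue  # still inside this user's baseline
        reasons = []
        if res not in profiles[u]["resources"]:
            reasons.append("new resource")
        if h not in WORK_HOURS and h not in profiles[u]["hours"]:
            reasons.append("off-hours")
        if action == "export":
            reasons.append("bulk export")
        if len(reasons) >= 2:
            flagged.append((u, res, reasons))
    return flagged
```

Run against the constructed log, the policy check reports ada's access to the CRM as outside the finance role, and the behavioural check reports the same event with all three signals while bayo's routine CRM read stays silent; in practice the baseline would come from weeks of history rather than three events.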

However, specialists emphasise that technical controls alone are insufficient. Organisations must also strengthen internal processes for verification and decision-making, particularly in situations where employees may feel pressured to act quickly.

As businesses in Nigeria continue to expand their digital operations, analysts expect insider risks to become increasingly visible. They argue that the issue is not new but has historically received less attention than external cyber threats.

Security experts say improving resilience will require organisations to move beyond reactive cybersecurity measures and examine how their systems, processes, and workplace cultures shape digital security outcomes.

In a rapidly evolving threat environment, analysts warned that the key question is no longer simply whether attackers can gain access to corporate systems, but how easily that access can be legitimised once it is obtained.
