More than 80 percent of 103 directors surveyed by enterprise security firm Secure Computing said that insider threats posed the biggest danger.
Fewer than one in five respondents indicated that external threats posed by hackers are more dangerous.
The report noted that this could be due in part to 37 percent of respondents having experienced a leak of sensitive information in the past year.
Internal security is at the top of IT directors' shopping lists when asked to rank potential future investments that included perimeter security, staff mobility and network performance.
Email was identified by 34 percent of respondents as the biggest current security risk to organisations, followed by VoIP (25 percent) and browser-related threats (21 percent).
Despite this apparent confidence, however, four in five respondents feel that they could be better prepared for web-borne threats.
Viruses topped the list of external threats for 31 percent of respondents, followed by spam (18 percent) and data leaks (14 percent).
When asked to rank their biggest external security concerns, hackers are surprisingly the area of least concern. Less than a quarter of respondents feel that hacking is the biggest threat.
Malware appears to be the major headache, however, with 56 percent identifying it as their biggest worry.
Kieran Lees, a regional sales director at Secure Computing, said: "It is fascinating to see how perceptions of the threat landscape among senior IT decision makers is evolving.
"The insider threat and data leakage now rival traditional external threats among IT directors' primary concerns.
"It is very encouraging to see that security is starting to be seen as a genuine business enabler rather than just a necessary evil."
Staff more dangerous than hackers
By Robert Jaques on May 30, 2008 7:47AM