IT pros name malicious insiders and human error as the top two security concerns with 30% and 25% respectively. Malware threats from various sources and ransomware have been one of the biggest security headaches for business so far in 2019. However, 2020, investment priorities don’t seem to reflect such ongoing priorities that can reflect concerns. A recent survey suggests that organizations will be spending most on cloud, data, and network security. ABI Research conducted a survey for more 1,000 US IT professional that added twenty-one percent of IT decision-makers named compromised devices as another big threat. For survey respondents network security, data security, user authentication, and ID management are the best tools that can best counteract this threat.

The survey had a positive impact that showed 59 percent of respondents reported that their organizations have clear cybersecurity agenda, while half of the businesses are quite aggressive when it comes to adopting new security technology in the e-commerce, government, automotive sector, utilities, and retail.  Proofpoint’s 2019 Human factor report added details about the human security risk for the complete corporate network, instead of attacking computer systems and infrastructure, hackers focused on the people with their roles in a given organization is exploited to get access to confidential data.

Hackers don’t usually target C-level executives who have a higher level of security; they target employees who have their identities easily discovered through various corporate websites, social media, and other online sources. Such ‘Very Attacked’ people are much easier targets than C-level people; hence, there is a demand for implementing internal security systems to protect their resources. IT pros must develop their own social engineering campaign to strengthen their internal defenses, it will require working with human resources and training group. Instead of relying just on the internal networks to protect the data from malware and ransomware attacks, a need to develop employees to become better at spotting fraud and phishing attacks.