Employees are the biggest threat to corporate security in Australia, according to a major study.

IT giant IBM polled 150 chief information officers in Australia and found that 75 per cent believe internal threats are their biggest worry. That makes Australian CIOs more concerned about employees than their global counterparts. Globally 66 per cent of CIOs had major concerns with staff.

The study also unearthed further evidence that organised criminal gangs are muscling in on cyber crime, once the domain of the ‘lone hacker’. According to IBM, the problem cannot be tackled by companies alone.

“When we talk about security today, it means considering an entire organisation and much of its ecosystem of partnerships and relationships – from the network to the workforce, and from the workplace to the supply chain. Meeting this challenge requires an industry-wide approach – no one company can do it alone,” said Claudia Warwar, managing consultant at IBM.

While CIOs admitted their greatest fears are internal threats, investment is being ploughed into protecting against external challenges. Around one-third are upgrading firewalls, few are investing in educating staff on security matters.

“As software becomes more secure, computer users will continue to be the weak link for an organisation. Criminals will focus more efforts on convincing end users to execute the attack instead of wasting time in lengthy software vulnerability discovery,” said Warwar.