Security problems created by employees are far more serious than the dangers posed by external hackers and criminals, new research reports.

More than 80 per cent of 103 directors surveyed by enterprise security firm Secure Computing said that insider threats posed the biggest danger.

Fewer than one in five respondents indicated that external threats posed by hackers are more dangerous.

The report noted that this could be due in part to 37 per cent of respondents having experienced a leak of sensitive information in the past year.

Internal security is at the top of IT directors' shopping lists when asked to rank potential future investments that included perimeter security, staff mobility and network performance.

Email was identified by 34 per cent of respondents as the biggest current security risk to organisations, followed by VoIP (25 per cent) and browser-related threats (21 per cent).

Despite this apparent confidence, however, four in five respondents feel that they could be better prepared for web-borne threats.

Viruses topped the list of external threats for 31 per cent of respondents, followed by spam (18 per cent) and data leaks (14 per cent).

When asked to rank their biggest external security concerns, hackers are surprisingly the area of least concern. Less than a quarter of respondents feel that hacking is the biggest threat.

Malware appears to be the major headache, however, with 56 per cent identifying it as their biggest worry.

Kieran Lees, a regional sales director at Secure Computing, said: "It is fascinating to see how perceptions of the threat landscape among senior IT decision makers is evolving.

"The insider threat and data leakage now rival traditional external threats among IT directors' primary concerns.

"It is very encouraging to see that security is starting to be seen as a genuine business enabler rather than just a necessary evil."