For a long time, organizations believed that cybersecurity attacks occurred due to bad external actors. They functioned on the belief that everything inside the organization is safe. They formulated security strategies and invested in cybersecurity technologies based on those beliefs. However, a closer look at the patterns and the rise in cybersecurity attacks revealed that internal networks, endpoints, and assets could equally pose cybersecurity risks to organizations.