Inside attacks (Score 1)

Notice that all attacks listed are (generally speaking) once you are inside the network. If you are looking to penetrate a network from the outside, I would say software vulnerabilities are your best option for a first try. If that doesn't work then phishing. But if I would agree with the conclusion to secure your soft-n-chewy security once inside, Identity and Access Management is a better start if your resources are that constrained.