There is redundant and inefficient security on endpoints. New ways of delivering security, such as network analytics and threat detection via AI, must be considered soon.
– IT Director, Army
The top risks to federal IT systems aren’t from terrorists or criminals looking for a big payoff. Instead, the number one source of security threats comes from inside the network, according to the fifth Federal Cybersecurity Survey from IT management software provider SolarWinds. In all, 56% of those surveyed identified careless or untrained insiders as the biggest risk, up from 42% just 5 years before.
The survey, which polled 200 government IT security professionals in civilian and defense agencies, also revealed 52% of respondents were concerned about threats from foreign governments. In comparison, just 34% named foreign governments as a top-tier source of risk in the 2014 survey.
While these sources of attacks are significant, that doesn’t mean their success rate has also risen. According to Jim Hansen, VP of Products, Security and Cloud for SolarWinds, “The risk posed by careless untrained insiders and foreign governments is at an all-time high, yet for the most part, IT pros feel like their agencies are doing good jobs with their IT security.” Hansen added that government mandates and investments in training are believed to be helping keep these threats at bay.
A majority of survey respondents cited security frameworks or mandates as contributing to better management of risk, in contrast to last year, where more than half said that these standards interfered with security to some extent. The security professionals also pointed to improvements to strategy, training and awareness, and intrusion detection and prevention tools as helping manage the risks of insider threats.
The survey also shows that attacks from the general hacking community have risen substantially over last year, jumping from 38% in 2017 to 48% in 2018. By contrast, “hacktivism” declined slightly, from 34% in 2017 to 31% in 2018. Terrorists, for-profit criminals and industrial spies trailed the other sources named by agencies.
Some respondents remain concerned that solutions and guidance aren’t coming quickly enough and that federal agencies are always playing catch-up:
“Interest in IT security occurs only after an incident. Then after the dust settles (investigations, reviews, numerous warning and alert memos), it’s back to the same business as usual.”
– Directorate Executive, ATF
According to Mav Turner, SolarWinds’ VP of Product Strategy, that’s the nature of an evolving cybersecurity environment. “Agency IT professionals must continue to identify ways to improve security around contractors and temporary workers, who comprise a large population of the federal workforce. Insider and foreign threats continue to loom,” he said, adding, “Overall, agencies appear to be on the right track, with the right tools and policies in place—a trend we hope will continue into next year.”
SolarWinds experts will be discussing the results from the latest Federal Cybersecurity Survey in a webinar on April 10, 2019 at 11:00 am ET.