cybersecurity cloud

Compromised IDs, reused passwords and shadow IT make a dangerous mix

Government IT managers should take a closer look at their users’ logins, especially when it comes to cloud services. That’s the advice from the recent Cloud Adoption & Risk in Government Report by Skyhigh Networks, a cloud security company.

The report stated that 96.2 percent of public sector organizations have at least one user with a compromised identity or credential, and 6.4 percent of users at the average agency have at least one account compromised. And since 31 percent of passwords are reused across accounts and services, and the average public sector employee uses more than 16 cloud services, the impact of one compromised account can be immense.

The cloud is “increasingly being used as a vector to filter data out of the organization,” said Kamal Shah, Skyhigh Networks VP of products and marketing. “If you’re an insider and you’d like to take data out of the organization you would likely use a cloud service to copy data. So understanding those behaviors becomes extremely important.”

The prevalence of shadow IT compounds the problem. The average public sector organization uses 742 cloud services, which is about 10-20 times more than IT departments expect, Skyhigh found. That makes it difficult for IT staff to get “visibility into the real usage and risk of cloud services as well as the ability to detect threats and seamlessly enforce security, compliance and governance policies,” said Rajiv Gupta, CEO of Skyhigh Networks.

The report also underscored the difficulty of detecting insider threats. While only 7 percent of government IT professionals  said their organization had experienced an insider threat in the past year, actual anomaly detection data from Skyhigh showed 82 percent of companies had behavior suggestive of an insider threat in just the last quarter.

The company analyzes usage data and patterns  “to identify anomalous behavior that might be indicative of a security breach or a malware or a potential cyber threat,” Shah explained.  While “suggestive” data does not always mean a breach was made, the massive gap, as Shah explained, is concern enough. “It’s an area that deserves more attention.”

The Cloud Adoption & Risk is Government Report is based on data from 200,000 public sector employees in the United States and Canada.

About the Author

Amanda Ziadeh is a former reporter/producer for GCN.


  • Russia prying into state, local networks

    A Russian state-sponsored advanced persistent threat actor targeting state, local, territorial and tribal government networks exfiltrated data from at least two victims.

  • Marines on patrol (US Marines)

    Using AVs to tell friend from foe

    The Defense Advanced Research Projects Agency is looking for ways autonomous vehicles can make it easier for commanders to detect and track threats among civilians in complex urban environments without escalating tensions.

Stay Connected