Modernization projects, human error top IT security concerns
- By Derek Major
- Mar 01, 2016
What: “2016 Federal Cybersecurity Survey Summary Report,” a survey conducted by SolarWinds and Market Connections on the challenges federal IT professionals face in improving security.
Why: In 2015, records from private health insurance companies, federal agencies and even dating websites were breached. The importance of keeping private data locked has increased as the number and sophistication of attacks have done the same. According to the report, IT departments have to determine the necessary tools to mitigate risk, tighten security, detect breaches faster and fight new threats.
Findings: Some 200 federal government IT decision makers took part in the survey. Half the respondents are with a federal, civilian or independent government agency, while 43 percent work for the Department of Defense or military service.
Respondents believe that the biggest reasons for increased security challenges include incomplete transitions during consolidation and modernization projects, complex enterprise management tools and a lack of familiarity of new systems. All three factors were named by more than 40 percent of respondents.
While the top IT security obstacle continues to be budget constraints, the number of respondents who believe it’s the top obstacle has decreased from 40 percent in last year’s Q1 report to 29 percent this year. Forty-eight percent of respondents believe careless/untrained insiders and foreign governments are the largest sources of security threats at government agencies. The general hacking community comes in second at 46 percent.
IT professionals consider human error to be the most common reason for a security breach to occur in their agency in the last year.
Takeaway: IT consolidation and modernization creates security vulnerabilities because of the increased complexity of managing applications and data an environment of both legacy infrastructure and upgraded systems. IT managers must be as aware of the behavior of careless or untrained employees as they are about the systems and information they’re tasked to protect.
Get more: Read the full report here.
Derek Major is a former reporter for GCN.