Survey: Careless errors still pose biggest threat to agency networks
- By Stephanie Kanowitz
- Sep 19, 2017
Careless or untrained insiders are the biggest source of security threats to federal agencies, according to the SolarWinds 2017 Federal Cybersecurity Survey. Fifty-four percent of respondents weight that heavier than threats from foreign governments (48 percent), malicious insiders (29 percent) and terrorists (20 percent). The problem is significantly more pronounced at Defense agencies than civilian ones, the report adds.
This threat source isn’t new; it’s been at or near the top of the list since the 2014 survey. That year, 42 percent of respondents cited careless insiders as the top threat. That number jumped to 53 percent in 2015, decreased slightly to 48 percent in 2016 and rose again to its greatest percentage this year. The other two major threat sources in that time frame were foreign governments and the general hacking community.
What’s more, the type of security threat is changing. In the past 12 months, spam and malware have increased at the agencies where half the respondents work. Social engineering, ransomware and external hacking rounded out the top five increases in threats, while advanced persistent threats remained largely unchanged, according to 74 percent of respondents.
The biggest obstacle to maintaining or improving IT security is budget, with 30 percent citing it as a challenge, according to the report. Competing priorities and complex internal environments follow at 16 percent and 15 percent, respectively. A lack of technical solutions was the least-cited obstacle, with only 2 percent of respondents naming it as a major problem.
A shortage of funding and resources also tops the list of impediments to detection and remediation of threats, with half of respondents citing that shortfall, followed by a lack of skills at 38 percent.
Most respondents said that IT security challenges are increasing, with 66 percent blaming network modernization. Of those who said challenges have grown, about half said they see more vulnerabilities in new technology stacks, the burden of supporting new and existing systems and the lack of training on new technologies.
The report didn’t have all bad news, though. Eighty-five percent of those respondents who said IT security challenges have decreased credit better tools for automated protection and remediation, and 65 percent cite stronger built-in security features in the new equipment.
Some security tools are proving to be effective, too. For instance, 69 percent of respondents applaud smart cards and Common Access Cards, and more than half laud identity and access management tools. The remainder of tools -- endpoint security software, patch management, configuration management, network admission control, for instance -- are largely tied, with 32 percent to 48 percent citing them.
Another ray of light: Detection of security problems is speeding up. Forty-four percent of respondents indicated that their organizations can detect rogue devices on their networks within minutes, while 42 percent can find distributed denial-of-service attacks and 40 percent can discover insiders’ inappropriate internet access that quickly. Sixty-two percent of respondents said that their agency’s ability to detect rogue devices is more robust than commercial sector capabilities.
Additionally, more than three-quarters -- 79 percent -- of respondents describe their agency’s ability to provide managers and auditors with evidence of appropriate IT controls as either excellent or good, with 52 percent calling it good and 27 percent calling it excellent. The survey defines “good” as having updated policies, procedures and technology and regular reporting, while “excellent” means having documented policies and procedures in place to validate controls through scheduled reports.
Conducted in July by Market Connections for SolarWinds, the online survey received answers from 200 federal IT decision-makers and influencers.
Stephanie Kanowitz is a freelance writer based in northern Virginia.