SolarWinds,
a leading provider of powerful and affordable IT management software,
today announced the results of its cybersecurity survey among federal
IT Professionals, revealing that while the majority of respondents describe
their agencies as cybersecurity-ready, many still face attacks and threats
by both malicious intruders and careless and untrained insiders, and
they are tasked with mastering IT security despite organizational and
budget challenges.
In early 2014, Market Connections, a leader in providing customized
government market research, in conjunction with SolarWinds conducted
a blind online survey of 200 IT and IT security professional decision
makers in the federal government and military. Nearly all respondents
(94%) rated their agencies' cybersecurity readiness as good or excellent,
asserting that they have the necessary cybersecurity tools, processes
and policies in place. Despite their confidence, though, federal IT
departments still face a myriad of cybersecurity threats. |
Federal IT's Biggest Cybersecurity Hazards: People
External hacking is the top cybersecurity threat plaguing federal
agencies, according to half of respondents. Other human-caused threats
include insider data leakage and theft (29%), mobile device theft (20%,
or 25% among Civilian-only), and physical security attacks (18%).
Some respondents even admitted they "don't know what they don't
know" -- nine percent were unsure if any cyber threats affected
their agency.
Agency Insiders Nearly as Damaging as External Attackers
While 47 percent of respondents said the general hacking community is
first to blame for cybersecurity breaches, careless and untrained insiders
are a close second (42%), indicating that insiders may inadvertently
pose nearly as many risks as deliberate, malicious hackers.
Further, 53 percent of Defense-only IT Pros named careless and untrained
insiders their top security threat sources -- more so than foreign governments
(48%) and terrorists (31%).
Another 26 percent of Defense IT Pros said malicious insiders endanger
their own agencies.
"Despite the many rules and system lockdowns in place in federal
IT organizations, people are by nature uncontrollable and therefore
are absolutely the greatest risks to IT security," said Chris LaPoint,
VP Product Management, SolarWinds. "While federal IT Pros can't
change these human behaviors, they can take control of their IT infrastructures
by implementing continuous monitoring of networks, servers and applications
and finding the right technologies to quickly mitigate threats."
Obstacles to Maintaining Federal Cybersecurity
Budget constraints are the single most significant obstacle to maintaining
or improving IT security, said 40 percent of respondents. Other obstacles
represent internal organizational challenges like competing priorities
(19%) and complex internal environments (14%).
Hindrances to implementing the appropriate IT security tools include
lack of budget (63%) and organizational issues or "turf battles"
(42%), as well as cost concerns for maintenance, upgrades and training.
Given the variety of cybersecurity threats and the unpredictability
of human behavior, coupled with low budget and organizational challenges,
federal IT Pros must consider taking a more pragmatic and unified approach
to addressing the availability, performance, and security of their infrastructures:
collect once, report to many. This means selecting tools that can address
continuous monitoring across both IT Operations and Information Security
domains.
Continuous monitoring of IT infrastructures can help federal IT Pros
safeguard against human error and quickly identify vulnerabilities,
compliance issues and other threats by automatically collecting data
and reporting on the performance, availability and security posture
of an IT infrastructure.
Two-thirds of survey respondents have at least one continuous monitoring
solution implemented and the majority see positive return on investment.
IT Pros employing continuous monitoring can detect risky behavior faster
than those without. For example, 46 percent of users can detect rogue
devices on the network in minutes compared to 23 percent of non-users,
and 30 percent of users can detect when firewall rules are out of compliance
within minutes compared to 16 percent of non-users.
"SolarWinds' study provides detailed insight into threats and challenges
government IT agencies face -- whether external or internally born,"
said Laurie Morrow, director of research services, Market Connections,
Inc. "This research will help federal IT Professionals take a closer
look at their cybersecurity infrastructures and identify strategies
for monitoring and preventing future security disturbances."
SolarWinds Solutions for Government
SolarWinds provides IT management and monitoring solutions to numerous
common public sector IT challenges including continuous monitoring,
cybersecurity, network operations, compliance, data center consolidation,
cloud computing, mobile workforce and devices, and scaling to the enterprise.
To learn more visit Solarwinds during Sea-Air-Space 2014 on
booth 2605
|
