Internal user mistakes create large percentage of cybersecurity incidents

Internal user mistakes created the largest percentage of cybersecurity incidents over the past twelve months (80%), followed by exposures caused by poor network system or application security (36%), and external threat actors infiltrating the organization’s network or systems (31%), SolarWinds research reveals.

internal user mistakes

Poor password management ranked as the leading cause of concern for German IT professionals regarding insider threats. Forty-five percent of tech pros surveyed indicated poor password management or weak passwords as the most common cause of accidental or careless insider breaches, while 42% cited sharing passwords as the most common problem.

Password management issues, accidental exposure, deletion, corruption or modification of critical data (40%), and copying data to unsecured devices (36%) were the other leading causes reported that lead to insider mistakes.

The survey results also found that 89% of tech pros surveyed indicated they feel unequipped to successfully implement and manage cybersecurity tasks today with their current IT skillset.

Threat trends: Internal users put organizations at risk

Types of cybersecurity threats leading to security incidents within the past 12 months:

  • Out of a variety of security incidents, 80% of respondents attributed the largest portion of cybersecurity threats to internal users making mistakes, while 31% attributed at least a portion to external threat actors; followed by 36% that indicated exposures caused by poor network system and/or application security have led to security incidents.
  • 70% indicated regular employees are the users who pose the biggest risk for insider abuse and/or misuse, followed by privileged IT administrators and executives (45% and 33%, respectively).
  • 45% named poor password management as the most common cause of accidental/careless insider breaches from employees and contractors, while 42% of tech pros surveyed state that sharing passwords is the most common cause, followed by accidentally exposing, deleting, corrupting, and/or modifying critical data and copying data to unsecured devices (40% and 36%, respectively).

The following cybersecurity threats could lead to security incidents in the next 12 months:

  • 55% of respondents are extremely concerned or moderately concerned (combined) about internal users making mistakes that put organizations at risk. This is followed by 50% and 42% indicating exposure caused by poor network system and/or system security and external threat actors infiltrating their organization’s network and/or systems as the top concerns, respectively.
  • Nearly half of tech pros surveyed are extremely concerned or moderately concerned (combined) that cybercriminals will lead to security incidents in the next twelve months, while one-third of tech pros feel the same about cyberterrorists—and one-fifth of tech pros indicating nation-state actors as top concerns within the same timeframe.

IT skillsets and landscape: Not sufficiently equipped

  • 89% of tech pros feel unequipped to successfully implement and manage cybersecurity tasks today given their current IT skillset, while over half of tech pros surveyed (54%) feel unequipped to utilize predictive analytics to determine the likelihood of outcomes in their architecture.
  • One-fourth of tech pros feel the most significant barrier to maintaining and improving IT security within their organization is the complexity of their IT infrastructure, followed by budget constraints (20%), and lack of manpower (19%).
  • 45% of tech pros surveyed have adopted a hybrid approach to their IT security, protecting and managing the security of their own network but also using a managed provider to deliver some security services—while 43% are self-managed and 6% outsource entirely.

Top security technologies

Detection:

  • Access rights management (64%)
  • IDS and/ or IPS (48%)
  • Vulnerability assessment (38%)

Protection:

  • Email security (77%)
  • Data encryption (70%)
  • Endpoint protection (65%)
  • Patch management (65%)

Risk management:

  • Identity governance (58%)
  • Asset management (55%)
  • Governance, risk, and compliance (GRC) (45%)

Response and recovery:

  • Backup and recovery (70%)
  • Access rights management (50%)
  • Incident response (37%)

The findings are based on a survey fielded in August/September 2019, which yielded responses from 110 technology practitioners, managers, and directors in Germany from public- and private-sector small, mid-size and enterprise organizations.

Don't miss