Federal agencies face outsider threats and internal ignorance

A SolarWinds cybersecurity survey among federal IT pros revealed that while the majority of respondents describe their agencies as cybersecurity-ready, many still face attacks and threats by both malicious intruders and careless and untrained insiders, and they are tasked with mastering IT security despite organizational and budget challenges.

In early 2014, Market Connections, in conjunction with SolarWinds conducted a blind online survey of 200 IT and IT security professional decision makers in the federal government and military. Nearly all respondents (94%) rated their agencies’cybersecurity readiness as good or excellent, asserting that they have the necessary cybersecurity tools, processes and policies in place. Despite their confidence, though, federal IT departments still face a myriad of cybersecurity threats.

Federal IT’s biggest cybersecurity hazards: People

• External hacking is the top cybersecurity threat plaguing federal agencies, according to half of respondents. Other human-caused threats include insider data leakage and theft (29%), mobile device theft (20%, or 25% among Civilian-only), and physical security attacks (18%).
• Some respondents even admitted they “don’t know what they don’t know” – nine percent were unsure if any cyber threats affected their agency.

Agency insiders nearly as damaging as external attackers

• While 47 percent of respondents said the general hacking community is first to blame for cybersecurity breaches, careless and untrained insiders are a close second (42%), indicating that insiders may inadvertently pose nearly as many risks as deliberate, malicious hackers.
• Further, 53 percent of Defense-only IT Pros named careless and untrained insiders their top security threat sources – more so than foreign governments (48%) and terrorists (31%).
• Another 26 percent of Defense IT Pros said malicious insiders endanger their own agencies.

“Despite the many rules and system lockdowns in place in federal IT organizations, people are by nature uncontrollable and therefore are absolutely the greatest risks to IT security,” said Chris LaPoint, VP Product Management, SolarWinds. “While federal IT Pros can’t change these human behaviors, they can take control of their IT infrastructures by implementing continuous monitoring of networks, servers and applications and finding the right technologies to quickly mitigate threats.”Obstacles to maintaining federal cybersecurity

• Budget constraints are the single most significant obstacle to maintaining or improving IT security, said 40 percent of respondents. Other obstacles represent internal organizational challenges like competing priorities (19%) and complex internal environments (14%).
• Hindrances to implementing the appropriate IT security tools include lack of budget (63%) and organizational issues or “turf battles” (42%), as well as cost concerns for maintenance, upgrades and training.

Given the variety of cybersecurity threats and the unpredictability of human behavior, coupled with low budget and organizational challenges, federal IT Pros must consider taking a more pragmatic and unified approach to addressing the availability, performance, and security of their infrastructures: collect once, report to many. This means selecting tools that can address continuous monitoring across both IT Operations and Information Security domains.

Continuous monitoring of IT infrastructures can help federal IT Pros safeguard against human error and quickly identify vulnerabilities, compliance issues and other threats by automatically collecting data and reporting on the performance, availability and security posture of an IT infrastructure.

• Two-thirds of survey respondents have at least one continuous monitoring solution implemented and the majority see positive return on investment.
• IT Pros employing continuous monitoring can detect risky behavior faster than those without. For example, 46 percent of users can detect rogue devices on the network in minutes compared to 23 percent of non-users, and 30 percent of users can detect when firewall rules are out of compliance within minutes compared to 16 percent of non-users.