Welcome!

Government Cloud Authors: Pat Romanski, Elizabeth White, Liz McMillan, Dana Gardner, Gopala Krishna Behara

News Feed Item

Internal Federal Cybersecurity Threats Nearly as Prevalent as External, SolarWinds Survey Reveals

While the Majority of Federal IT Pros Claim Their Agencies Are Cybersecurity-Ready, They Still Face Malicious Outsider Threats as Well as Internal Ignorance, and They Must Prevent and Mitigate These Attacks Despite Organizational Issues and Budget Constra

AUSTIN, TX -- (Marketwired) -- 03/26/14 -- SolarWinds (NYSE: SWI), a leading provider of powerful and affordable IT management software, today announced the results of its cybersecurity survey among federal IT Professionals, revealing that while the majority of respondents describe their agencies as cybersecurity-ready, many still face attacks and threats by both malicious intruders and careless and untrained insiders, and they are tasked with mastering IT security despite organizational and budget challenges.

In early 2014, Market Connections, a leader in providing customized government market research, in conjunction with SolarWinds conducted a blind online survey of 200 IT and IT security professional decision makers in the federal government and military. Nearly all respondents (94%) rated their agencies' cybersecurity readiness as good or excellent, asserting that they have the necessary cybersecurity tools, processes and policies in place. Despite their confidence, though, federal IT departments still face a myriad of cybersecurity threats.

Federal IT's Biggest Cybersecurity Hazards: People

  • External hacking is the top cybersecurity threat plaguing federal agencies, according to half of respondents. Other human-caused threats include insider data leakage and theft (29%), mobile device theft (20%, or 25% among Civilian-only), and physical security attacks (18%).
  • Some respondents even admitted they "don't know what they don't know" -- nine percent were unsure if any cyber threats affected their agency.

Agency Insiders Nearly as Damaging as External Attackers

  • While 47 percent of respondents said the general hacking community is first to blame for cybersecurity breaches, careless and untrained insiders are a close second (42%), indicating that insiders may inadvertently pose nearly as many risks as deliberate, malicious hackers.
  • Further, 53 percent of Defense-only IT Pros named careless and untrained insiders their top security threat sources -- more so than foreign governments (48%) and terrorists (31%).
  • Another 26 percent of Defense IT Pros said malicious insiders endanger their own agencies.

"Despite the many rules and system lockdowns in place in federal IT organizations, people are by nature uncontrollable and therefore are absolutely the greatest risks to IT security," said Chris LaPoint, VP Product Management, SolarWinds. "While federal IT Pros can't change these human behaviors, they can take control of their IT infrastructures by implementing continuous monitoring of networks, servers and applications and finding the right technologies to quickly mitigate threats."

Obstacles to Maintaining Federal Cybersecurity

  • Budget constraints are the single most significant obstacle to maintaining or improving IT security, said 40 percent of respondents. Other obstacles represent internal organizational challenges like competing priorities (19%) and complex internal environments (14%).
  • Hindrances to implementing the appropriate IT security tools include lack of budget (63%) and organizational issues or "turf battles" (42%), as well as cost concerns for maintenance, upgrades and training.

Given the variety of cybersecurity threats and the unpredictability of human behavior, coupled with low budget and organizational challenges, federal IT Pros must consider taking a more pragmatic and unified approach to addressing the availability, performance, and security of their infrastructures: collect once, report to many. This means selecting tools that can address continuous monitoring across both IT Operations and Information Security domains.

Continuous monitoring of IT infrastructures can help federal IT Pros safeguard against human error and quickly identify vulnerabilities, compliance issues and other threats by automatically collecting data and reporting on the performance, availability and security posture of an IT infrastructure.

  • Two-thirds of survey respondents have at least one continuous monitoring solution implemented and the majority see positive return on investment.
  • IT Pros employing continuous monitoring can detect risky behavior faster than those without. For example, 46 percent of users can detect rogue devices on the network in minutes compared to 23 percent of non-users, and 30 percent of users can detect when firewall rules are out of compliance within minutes compared to 16 percent of non-users.

"SolarWinds' study provides detailed insight into threats and challenges government IT agencies face -- whether external or internally born," said Laurie Morrow, director of research services, Market Connections, Inc. "This research will help federal IT Professionals take a closer look at their cybersecurity infrastructures and identify strategies for monitoring and preventing future security disturbances."

SolarWinds Solutions for Government
SolarWinds provides IT management and monitoring solutions to numerous common public sector IT challenges including continuous monitoring, cybersecurity, network operations, compliance, data center consolidation, cloud computing, mobile workforce and devices, and scaling to the enterprise.

U.S. Government certifications and approvals include Army CoN, Air Force APL and Navy DADMS, and technical requirements include FIPS PUB 140-2 compliance (as specified by the National Institute of Standards and Technology), DISA STIG automated reports, Section 508 VPATs, and previous Common Criteria EAL 2 Certification.

SolarWinds software is available on the U.S. General Services Administration (GSA) Schedule, Department of Defense ESI and other contract vehicles. Visit SolarWinds' Government Solutions page for more information including fully functional free trials of products or visit SolarWinds' community, thwack, to download 300 free out-of-the-box compliance report templates of major auditing authorities including DISA STIG, FISMA, and NIST.

Additional Resources:

*From January 21 to February 5, 2014 Market Connections surveyed 200 IT security professionals in federal government and military service in conjunction with SolarWinds. Full survey results are available upon request.

About SolarWinds
SolarWinds (NYSE: SWI) provides powerful and affordable IT management software to customers worldwide from Fortune 500 enterprises to small businesses. In all of our market areas, our approach is consistent. We focus exclusively on IT Pros and strive to eliminate the complexity that they have been forced to accept from traditional enterprise software vendors. SolarWinds delivers on this commitment with unexpected simplicity through products that are easy to find, buy, use and maintain while providing the power to address any IT management problem on any scale. Our solutions are rooted in our deep connection to our user base, which interacts in our online community, thwack, to solve problems, share technology and best practices, and directly participate in our product development process. Learn more today at http://www.solarwinds.com/.

SolarWinds, SolarWinds.com and thwack are registered trademarks of SolarWinds. All other company and product names mentioned are used only for identification purposes and may be trademarks or registered trademarks of their respective companies.

Add to Digg Bookmark with del.icio.us Add to Newsvine

MEDIA CONTACTS:
Katie Hanusik
Speakerbox PR
Phone: 703.287.7824
[email protected]

Courtney Cantwell
SolarWinds
Phone: 512.682.9692
[email protected]

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

IoT & Smart Cities Stories
The platform combines the strengths of Singtel's extensive, intelligent network capabilities with Microsoft's cloud expertise to create a unique solution that sets new standards for IoT applications," said Mr Diomedes Kastanis, Head of IoT at Singtel. "Our solution provides speed, transparency and flexibility, paving the way for a more pervasive use of IoT to accelerate enterprises' digitalisation efforts. AI-powered intelligent connectivity over Microsoft Azure will be the fastest connected pat...
There are many examples of disruption in consumer space – Uber disrupting the cab industry, Airbnb disrupting the hospitality industry and so on; but have you wondered who is disrupting support and operations? AISERA helps make businesses and customers successful by offering consumer-like user experience for support and operations. We have built the world’s first AI-driven IT / HR / Cloud / Customer Support and Operations solution.
Codete accelerates their clients growth through technological expertise and experience. Codite team works with organizations to meet the challenges that digitalization presents. Their clients include digital start-ups as well as established enterprises in the IT industry. To stay competitive in a highly innovative IT industry, strong R&D departments and bold spin-off initiatives is a must. Codete Data Science and Software Architects teams help corporate clients to stay up to date with the mod...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
Druva is the global leader in Cloud Data Protection and Management, delivering the industry's first data management-as-a-service solution that aggregates data from endpoints, servers and cloud applications and leverages the public cloud to offer a single pane of glass to enable data protection, governance and intelligence-dramatically increasing the availability and visibility of business critical information, while reducing the risk, cost and complexity of managing and protecting it. Druva's...
BMC has unmatched experience in IT management, supporting 92 of the Forbes Global 100, and earning recognition as an ITSM Gartner Magic Quadrant Leader for five years running. Our solutions offer speed, agility, and efficiency to tackle business challenges in the areas of service management, automation, operations, and the mainframe.
The Jevons Paradox suggests that when technological advances increase efficiency of a resource, it results in an overall increase in consumption. Writing on the increased use of coal as a result of technological improvements, 19th-century economist William Stanley Jevons found that these improvements led to the development of new ways to utilize coal. In his session at 19th Cloud Expo, Mark Thiele, Chief Strategy Officer for Apcera, compared the Jevons Paradox to modern-day enterprise IT, examin...
With 10 simultaneous tracks, keynotes, general sessions and targeted breakout classes, @CloudEXPO and DXWorldEXPO are two of the most important technology events of the year. Since its launch over eight years ago, @CloudEXPO and DXWorldEXPO have presented a rock star faculty as well as showcased hundreds of sponsors and exhibitors! In this blog post, we provide 7 tips on how, as part of our world-class faculty, you can deliver one of the most popular sessions at our events. But before reading...
DSR is a supplier of project management, consultancy services and IT solutions that increase effectiveness of a company's operations in the production sector. The company combines in-depth knowledge of international companies with expert knowledge utilising IT tools that support manufacturing and distribution processes. DSR ensures optimization and integration of internal processes which is necessary for companies to grow rapidly. The rapid growth is possible thanks, to specialized services an...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...