Insider cyberthreats in government agencies hit all-time high, report says

Untrained insiders and foreign governments create huge cybersecurity risks in government agencies, according to a SolarWinds report.

Reduce insider threats by taking these simple steps Contrary to popular belief, most big hacks come from the inside. Prevent the worst by implementing these strategies.

More than half (56%) of government IT security professionals said untrained insiders are a top source of IT security threats in the federal sector, according to a Solarwinds report released Tuesday. Some 52% believed foreign governments were also primary threats. Both numbers have increased dramatically in the past five years, indicating the prevalence of both threats, the report added.

SEE: Information security policy template download (Tech Pro Research)

Contractors and temporary workers bring new security challenges to government agencies, the report found. The most common form of breaches by contractors include accidently exposing, deleting, or modifying critical data (48%); accessing resources that are not necessary to complete their jobs (46%); and using unsecured Wi-Fi networks (42%).

"This year's results demonstrate the challenges facing government IT security pros, but also the progress they've made in meeting those challenges," said Jim Hansen, vice president of products, security and cloud at SolarWinds, in a press release. "The risk posed by careless untrained insiders and foreign governments is at an all-time high, yet for the most part, IT pros feel like their agencies are doing good jobs with their IT security. In particular, they believe that government mandates and investments in training are paying dividends."

However, 40% of respondents view their security training efforts as above average or superior. Most government IT professionals rely on ongoing security trainings (53%), multi-factor authentication (50%), and onboarding security training (49%) to effectively mitigate risk, the report found. But a perception gap exists between this training and its effectiveness.

"The results of this year's survey are encouraging, but there's certainly more work to do," said Mav Turner, vice president of product strategy at SolarWinds, in the release.

Government agencies could use implement artificial intelligence (AI) tools to help mitigate the problem. Blackberry, for example, announced Tuesday a new AI platform that uses behavior analytics to monitor user conduct and identify suspicious users in real-time.

To learn more about how to protect your organization from cyber threats, check out this articlefrom our sister site ZDNet.

The big takeaways for tech leaders:

  • 56% of government IT security professionals blame security threats on untrained or careless insiders. — Solarwinds, 2019
  • Even though these risks have increased, 40% of respondents still think security training efforts are effective. — Solarwinds, 2019

Also see

security.jpg
Image: iStockphoto/Urupong