Untrained insiders and foreign governments create huge cybersecurity risks in government agencies, according to a SolarWinds report.
More than half (56%) of government IT security professionals said untrained insiders are a top source of IT security threats in the federal sector, according to a Solarwinds report released Tuesday. Some 52% believed foreign governments were also primary threats. Both numbers have increased dramatically in the past five years, indicating the prevalence of both threats, the report added.
SEE: Information security policy template download (Tech Pro Research)
Contractors and temporary workers bring new security challenges to government agencies, the report found. The most common form of breaches by contractors include accidently exposing, deleting, or modifying critical data (48%); accessing resources that are not necessary to complete their jobs (46%); and using unsecured Wi-Fi networks (42%).
"This year's results demonstrate the challenges facing government IT security pros, but also the progress they've made in meeting those challenges," said Jim Hansen, vice president of products, security and cloud at SolarWinds, in a press release. "The risk posed by careless untrained insiders and foreign governments is at an all-time high, yet for the most part, IT pros feel like their agencies are doing good jobs with their IT security. In particular, they believe that government mandates and investments in training are paying dividends."
However, 40% of respondents view their security training efforts as above average or superior. Most government IT professionals rely on ongoing security trainings (53%), multi-factor authentication (50%), and onboarding security training (49%) to effectively mitigate risk, the report found. But a perception gap exists between this training and its effectiveness.
"The results of this year's survey are encouraging, but there's certainly more work to do," said Mav Turner, vice president of product strategy at SolarWinds, in the release.
Government agencies could use implement artificial intelligence (AI) tools to help mitigate the problem. Blackberry, for example, announced Tuesday a new AI platform that uses behavior analytics to monitor user conduct and identify suspicious users in real-time.
To learn more about how to protect your organization from cyber threats, check out this articlefrom our sister site ZDNet.
The big takeaways for tech leaders:
- 56% of government IT security professionals blame security threats on untrained or careless insiders. — Solarwinds, 2019
- Even though these risks have increased, 40% of respondents still think security training efforts are effective. — Solarwinds, 2019
- Cheat sheet: How to become a cybersecurity pro (TechRepublic)
- Phishing attacks: A guide for IT pros (TechRepublic download)
- Online security 101: Tips for protecting your privacy from hackers and spies (ZDNet)
- The best password managers of 2019 (CNET)
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic on Flipboard)