09 Apr The Enemy Within: The Reality of Internal Cybersecurity Threats
We hear about hacking, malware, and other external threats to government cybersecurity all the time. But, according to a recent survey published by our client SolarWinds (conducted with Market Connections), agencies need to turn their focus inward to combat one of the greatest threats they face.
The survey of 200 public sector IT pros found that internal cybersecurity threats are nearly as prevalent as external threats.
While the vast majority of federal IT pros claim their agencies are cyber-ready, the survey found that:
- External hacking is the top cybersecurity threat plaguing federal agencies (50%). Other human threats include insider data leakage and theft (29%), mobile device theft (20%), and physical security attacks (18%).
- Some respondents even admitted they “don’t know what they don’t know” – 9 percent were unsure if any cyber threats affected their agency.
- While 47 percent of respondents said the general hacking community is the first to blame for cybersecurity breaches, careless and untrained insiders are a close second (42%), indicating that insiders may inadvertently pose nearly as many risks as deliberate, malicious hackers.
- Further, 53 percent of defense-only IT pros named careless and untrained insiders as their top security threat source – more so than foreign governments (48%) and terrorists (31%).
- Another 26 percent of defense IT pros said malicious insiders endanger their own agencies.
If you thought those data points were interesting you’re not alone – quite a few reporters did too. SolarWinds racked up the coverage following this survey’s release. You can see some of the articles here:
- SIGNAL – Defense Department IT Professionals Rank Internal Cybersecurity Threats as Top Hazard
- Homeland Security Today – Insider Threat Top Source Of DoD’s Cyber Vulnerability, Survey Finds
- FedScoop – Is Your Biggest Cyber Threat One Cubicle Away?
- Defense Systems – Biggest Source of DoD Cyber Threats: Inept Co-Workers
- GCN – Can Government’s Cyber Defense Withstand a Market-Driven Offense?