Federal IT professionals say their agencies are cyber-resilient, but in reality many grapple with threats and internal ignorance, according to a new study.
In the survey released today by Market Connection and SolarWinds, findings show that while the majority of respondents describe their agencies as cybersecurity-ready, many still face threats by both insiders and external attackers.
Market Connections and SolarWinds earlier this year polled online 200 IT and IT security professional decision makers in the federal government and military. Close to 95 percent of all respondents rated their agencies’ cybersecurity readiness as good or excellent, saying the appropriate tools, processes and policies have been implemented.
However, despite that level of confidence, federal IT departments are challenged with cyber-threats, mainly in one area: people.
- External hacking is federal agencies’ No. 1 cybersecurity threat, according to half of respondents. Other human-caused threats comprise nearly one-third, and mobile-device theft accounts for 20 percent.
- Insiders can do just as much damage as outside attackers, by being careless and untrained, and is the second largest cybersecurity threat to federal agencies.
- For defense IT pros, insiders are their biggest security concern — more so than nation-state attackers and terrorists.
While federal IT organizations have their systems on lockdown, “people are by nature uncontrollable and therefore are absolutely the greatest risks to IT security,” Chris LaPoint, vice president of product management at SolarWinds, said in a statement.
When looking at the overall federal cybersecurity landscape, 40 percent of respondents say budget constraints are the most significant roadblock to maintaining or improving IT security. Other obstacles include internal organizational challenges such as competing priorities (19 percent) and complex internal environments (14 percent).