Internal user mistakes create large percentage of cybersecurity incidents
Internal user mistakes created the largest percentage of cybersecurity incidents over the past twelve months (80%), followed by exposures caused by poor network system or application security (36%), and external threat actors infiltrating the organization’s network or systems (31%), SolarWinds research reveals.
Poor password management ranked as the leading cause of concern for German IT professionals regarding insider threats. Forty-five percent of tech pros surveyed indicated poor password management or weak passwords as the most common cause of accidental or careless insider breaches, while 42% cited sharing passwords as the most common problem.
Alongside password management issues, accidental exposure, deletion, corruption or modification of critical data (40%) and copying data to unsecured devices (36%) were the other leading reported causes of insider mistakes.
The survey results also found that 89% of tech pros surveyed indicated they feel unequipped to successfully implement and manage cybersecurity tasks today with their current IT skillset.
Threat trends: Internal users put organizations at risk
Types of cybersecurity threats leading to security incidents within the past 12 months:
- Out of a variety of security incidents, 80% of respondents attributed the largest portion of cybersecurity threats to internal users making mistakes, while 31% attributed at least a portion to external threat actors, and 36% indicated that exposures caused by poor network system and/or application security have led to security incidents.
- 70% indicated regular employees are the users who pose the biggest risk for insider abuse and/or misuse, followed by privileged IT administrators and executives (45% and 33%, respectively).
- 45% named poor password management as the most common cause of accidental/careless insider breaches from employees and contractors, while 42% of tech pros surveyed state that sharing passwords is the most common cause, followed by accidentally exposing, deleting, corrupting, and/or modifying critical data and copying data to unsecured devices (40% and 36%, respectively).
The following cybersecurity threats could lead to security incidents in the next 12 months:
- 55% of respondents are extremely concerned or moderately concerned (combined) about internal users making mistakes that put organizations at risk. This is followed by 50% and 42% indicating exposure caused by poor network system and/or system security and external threat actors infiltrating their organization’s network and/or systems as the top concerns, respectively.
- Nearly half of tech pros surveyed are extremely concerned or moderately concerned (combined) that cybercriminals will cause security incidents in the next twelve months, while one-third of tech pros feel the same about cyberterrorists, and one-fifth of tech pros indicate nation-state actors as top concerns within the same timeframe.
IT skillsets and landscape: Not sufficiently equipped
- 89% of tech pros feel unequipped to successfully implement and manage cybersecurity tasks today given their current IT skillset, while over half of tech pros surveyed (54%) feel unequipped to utilize predictive analytics to determine the likelihood of outcomes in their architecture.
- One-fourth of tech pros feel the most significant barrier to maintaining and improving IT security within their organization is the complexity of their IT infrastructure, followed by budget constraints (20%), and lack of manpower (19%).
- 45% of tech pros surveyed have adopted a hybrid approach to their IT security, protecting and managing the security of their own network but also using a managed provider to deliver some security services—while 43% are self-managed and 6% outsource entirely.
Top security technologies
Detection:
- Access rights management (64%)
- IDS and/or IPS (48%)
- Vulnerability assessment (38%)
Protection:
- Email security (77%)
- Data encryption (70%)
- Endpoint protection (65%)
- Patch management (65%)
Risk management:
- Identity governance (58%)
- Asset management (55%)
- Governance, risk, and compliance (GRC) (45%)
Response and recovery:
- Backup and recovery (70%)
- Access rights management (50%)
- Incident response (37%)
The findings are based on a survey fielded in August/September 2019, which yielded responses from 110 technology practitioners, managers, and directors in Germany from public- and private-sector small, mid-size and enterprise organizations.