Awareness Up, but Agencies Still Vulnerable

Wednesday, March 30, 2016 @ 11:03 AM gHale


The fight to secure networks continues to grow, but while that awareness rises, a majority of IT security professionals in United States federal agencies feel their organization is vulnerable to data threats, a new report found.

According to the report, 90 percent of IT professionals working for the U.S. government feel their organization is vulnerable to data threats, and 61 percent have admitted already suffering a breach, the survey said. Nearly half of respondents named skill shortages and budgets as the main challenges in improving data security.

RELATED STORIES
Software Vulnerabilities Grow in 2015
Attacks on Rise, Incident Response Tougher
Attacking an ICS from ‘Inside Out’
ICS-CERT BlackEnergy Report

The survey is part of Vormetric’s 2016 Data Threat Report, where information came from 1,100 senior IT security executives from large enterprises around the world, including more than 100 who work in U.S. federal government organizations.

Despite an increasing number of reports describing attacks carried out by nation states against the U.S. government, most security experts working in federal agencies fear cybercriminals (76 percent) over nation-state hackers, which ranked fourth with 47 percent. As for internal threats, 64 percent named privileged users, followed by contractor accounts at 43 percent.

When asked about the areas where they plan on spending more over the next year, the top answers were network defenses (53 percent), and analysis and correlation tools (46 percent). While data-at-rest defenses are considered highly efficient for securing data, only 37 percent of respondents will increase spending in this category.

A majority of respondents (60 percent) believe network defenses are very efficient for data protection, but Vormetric said network and endpoint security actually provides little protection against multi-stage attacks.

Being compliant with standards does not necessarily mean an organization is properly protecting sensitive information, as demonstrated by high-profile data breaches. However, well over half of IT security pros working at federal agencies believe meeting compliance is highly effective for protecting data.

The study shows professionals are taking steps in the right direction, with respondents stating their intention to increase spending in sensitive data protection, invest in data-at-rest defenses, and implementing newer and more efficient data security tools.

Click here to download the report.