IT Modernization a Top Threat to Federal IT Security
DLT partner, SolarWinds recently announced the results of its third annual Federal Cybersecurity Survey, which explores the biggest barriers to improving IT security, including exposure during consolidation and modernization processes, threats from foreign governments and careless or untrained insiders.
Top of the list? IT modernization. In fact, almost half of the government’s IT modernization and consolidation efforts have resulted in an increase in security challenges.
Modernization continues to challenge IT teams for several reasons:
• Incomplete organizational transitions during consolidation and modernization projects
• Enterprise management tools are too complex
• A lack of familiarity with new systems
"As federal IT departments move through the process of consolidation and modernization, the complexity of IT environments increases significantly and the responsibility of managing both legacy infrastructure and upgraded systems places a considerable burden on IT pros," said Mav Turner, director of product strategy, SolarWinds.
There is some good news – the replacement of legacy software and equipment has led 20 percent of respondents to state that security challenges have decreased.
"When completed, consolidation and modernization projects will provide more efficient and secure environments, but this isn't going to happen overnight, so additional attention must be given to securing environments against threats no matter where they originate."
Insiders and Foreign Governments Continue to pose Greatest Threat
In addition, the results call out a new top threat source: untrained insiders and foreign governments are called out as the greatest source of security threats to federal agencies with 48 percent of respondents choosing each source.
Implementing Tools and Strategies Mitigate IT Security Threats
• While 84 percent of respondents see their investment in security tools increasing (51%) in 2016 or staying the same (33%) as it was in 2015, it is important to ensure that the investment is in the right security tools
• Of the 62 percent of respondents whose agencies currently use patch management software, 45 percent have seen a decrease in the time required to detect a security breach and 44 percent a decrease in the time required to respond
• Of the 62 percent of respondents whose agencies currently use configuration management software, 47 percent have seen a decrease in the time required to respond to security breaches
• Only 36 percent of respondents said their agencies security information and event management (SIEM) products in place, but those that have a SIEM solution implemented are significantly more equipped to detect almost every single threat listed in the survey
72 percent of respondents currently use Smart Card/Common Access Card for authentication, and 38 percent say increased use of Smart Cards for dual-factor authentication makes them less vulnerable to security attacks