SolarWinds: Insider Threats Opening Opportunities for Cybercriminals
A new SolarWinds-backed report shows nearly more than three in five (62%) respondents cited insider threat or user errors as the top security risk within their company, saying user mistakes contributed to the largest attack exposure.
The new IDC report sponsored by SolarWinds is based on a survey of both IT and non-IT respondents on their organization’s cybersecurity practices, revealing that businesses are prioritizing security in terms of budget and tool adoption, but are vulnerable to even greater risks that exist within their organizations.
Tim Brown, SolarWinds‘ vice president of security, tells us the threat landscape is constantly evolving and the insider threat is just another step.
“The opportunity is for the cyber security providers to increase awareness, provide additional monitoring service and provide increased protection to the clients,” he said.
More than half of respondents reported that regular employees, rather than executives or those with privileged access, pose the biggest risk for insider abuse or misuse. While detection and monitoring tools are in place for larger external threats, the protective practices associated with basic cyber hygiene need additional focus.
“It was surprising to see that while detection or monitoring tools are in place at most midmarket companies, protective measures weren’t as strong,” Brown said. “The lack of patch management activities and reduced focus on network endpoints is particularly concerning. Detection is good, but these basic protective measures need to be added in to ensure that companies aren’t effectively inviting the bad guys inside.”
While 65% of respondents report plans to increase their security spending in 2019, midmarket companies are still price conscious when it comes to security investments. Some 54% of respondents claim they would be able to improve their cybersecurity posture if security solutions were more affordable.
“It’s hard to say exactly where security spending should be focused as it really varies by company and need,” Brown said. “For example, a company facing more stringent compliance requirements like health care may need to increase their spending on government, risk management and compliance (GRC) solutions. A growing midmarket business may need to add more sophisticated endpoint protection.”
Survey respondents revealed a misperception about handling security versus the market reality. When asked about their confidence in their ability to use security technologies and defend their environments with the tools currently in place, the response came back as a four on a five-point scale.
However, the skills ratings didn’t significantly change when the location of the tools was said to be in a public cloud versus on premises — despite the proliferation of reports detailing misconfigured cloud storage buckets and the increased complexity associated with identity management in hybrid, on-premises and cloud environments.
“Part of SolarWinds’ mission is to further democratize security in the same way that technology has become increasingly democratized, to help meet a market need not typically met by more expensive and potentially complex enterprise-type solutions,” Brown said. “MSSPs and cybersecurity providers can take this same approach, giving the smaller guys access to security in ways they may not have thought possible. It’s part of our job to give them the tools to help them do that.”