SolarWinds Finds Insider Threats Cited as Leading Cause of Security Incidents
June 05 2019 - 6:30AM
SolarWinds (NYSE:SWI), a leading provider of powerful and
affordable IT management software, today released findings from a
new IDC® White Paper, Affordable Tools and Shared Responsibilities
Define Midmarket IT Security Trends, sponsored by SolarWinds. The
white paper is based on a survey of both IT and non-IT respondents
on their organization’s cybersecurity practices to explore the
threat landscape—revealing that organizations are prioritizing
security in terms of budget and tool adoption but are vulnerable to
even greater risks that exist within their organizations.
Specifically, nearly 62 percent of survey respondents cited user
errors as the top cybersecurity threat within the company, claiming
that user mistakes contributed to the largest attack exposure. Of
these insider threats, more than half of survey respondents
reported that regular employees (rather than executives or those
with privileged access) pose the biggest risk for insider abuse or
misuse.
Additional survey results pointed to the need for effective and
affordable tools to help reduce deliberate and malicious attacks
and avoid accidental configurations. And, while detection and
monitoring tools are in place for larger external threats, the
protective practices associated with basic cyberhygiene need
additional focus.
“While the bad guys may be getting increasingly smarter,
SolarWinds is upping the ante for the good guys,” stated Brandon
Shopp, vice president, product strategy, security. “We meet the
demand for affordability and effectiveness because we are focused
on solving the security problems that technology
professionals are trying to solve every day. We’re not trying
to boil the ocean with overly-complex and expensive solutions. We
help simplify security at all levels—from the initial threat
identification stage through to recovery. That’s our promise.”
“Cybercriminals now operate as part of a well-oiled machine that
can easily crank out a variety of attacks that are both random and
focused in nature,” says Tim Brown, vice president of security,
SolarWinds. “But in reality, an equally dangerous and even more
imminent threat exists: internal users. Between mistakes and
technology deployment misconfigurations, organizations are finding
themselves highly susceptible to threats that are perpetuated from
the inside, leaving themselves effectively wide open to
attacks.”
SolarWinds’ breadth of security solutions includes SolarWinds®
Access Rights Manager (ARM), SolarWinds Security Event Manager
(SEM), SolarWinds Threat Monitor, SolarWinds Backup, SolarWinds
Mail Assure, SolarWinds Passportal, SolarWinds Risk Intelligence,
and SolarWinds Patch Manager—plus a suite of monitoring and
management platforms with security baked in, including capabilities
for robust endpoint detection and response.
Key Findings
Organizations have demonstrated significant progress
when it comes to defending against external threats but are still
vulnerable to increasingly risky insider threats.
- Cybersecurity has become a budgeted organizational expense
rather than a proposal for funding; the need for effective and
affordable tools to help reduce deliberate and malicious external
attacks and avoid accidental configurations is being recognized.
- 65% of survey respondents expect their spend on security tools
and services in 2019 to increase YoY, while 34% expect it to stay
the same. Fewer than 1% expect their funds to decrease.
- 40% are beginning to use threat intelligence to adjust
configurations or search for vulnerable situations, while 48%
prioritize vulnerability scanning, followed by SIEM adoption (47%).
- However, most problems and exposures are self-inflicted, with
62% of survey respondents citing users (insiders) making mistakes
that put the company at risk as the top cybersecurity threat that
led to incidents within the company.
- Fewer than half of survey respondents (47%) cited external bad
actors infiltrating the network and systems as the leading case of
cybersecurity issues.
- Of the insider threats, more than 50% of survey respondents
claim that regular employees (not privileged users) pose the
biggest risk for insider abuse/misuse. Below employees, contractors
(41%) and privileged IT admins (31%) were the next biggest
threats.
Organizations are making a concerted effort to dedicate
more budget toward solutions and tools to improve security measures
but the tools are often cost-prohibitive.
- While 65% of respondents report plans to increase their
security spending in 2019, midmarket companies are still price
conscious when it comes to security investments.
- 54% of respondents claim they would be able to improve their
cybersecurity posture if security solutions were more
affordable.
Cybersecurity teams are often overconfident when it
comes to their abilities to defend their IT environments and must
continue to pay equal attention to protective
strategies.
- Survey respondents revealed a misperception about handling
security vs. the market reality. When asked about their confidence
in their ability to use security technologies and defend their
environments with the tools currently in place, the response came
back as a four on a five-point scale.
- However, the skills ratings didn’t significantly change when
the location of the tools was said to be in a public cloud (vs.
on-premises) environment – despite the proliferation of reports
detailing misconfigured cloud storage “buckets” and the increased
complexity associated with identity management in hybrid,
on-premises and cloud environments.
- When asked about technologies used to protect organizations
from external and internal threats, only 32% cited endpoint
protection and 27% cited patch management.
- This lack of patch management activities and reduced focus on
network endpoints is alarming, as these basic cyberhygiene best
practices must be combined with detection to help ensure that the
“front door” isn’t left wide open.
- While detection or monitoring tools are in place at most
midmarket companies, protective practices need additional focus.
- The primary tactic used to respond to and recover from the
incident is backup and recovery (79%).
- The majority of the midmarket isn't yet able to fund or conduct
extensive forensic analysis activities leading to any patient zero
identifications (28%).
To download the white paper, please click here.
The results presented in this study are derived from a survey
link sent to both IT and non-IT respondents who declared themselves
to be either knowledgeable or very knowledgeable about their
organization’s cybersecurity practices. All results were
collected from a survey website during February 2019.
Of all the respondents, 66% were based in North America, 17%
were from the United Kingdom, and 17% were from Germany, Austria
and Switzerland. Regarding company size, 56% of respondents were
from midmarket organizations (100 to 1,000 employees), 24% of
respondents were from large-scale organizations (1,000+ employees),
and 20% of respondents were from small businesses (under 100
employees).
Connect with SolarWinds
- THWACK®
- Twitter®
- Facebook®
- LinkedIn®
#SWIsecurity#SWI
About
SolarWindsSolarWinds (NYSE:SWI) is a leading
provider of powerful and affordable IT infrastructure management
software. Our products give organizations worldwide, regardless of
type, size or IT infrastructure complexity, the power to monitor
and manage the performance of their IT environments, whether
on-premises, in the cloud, or in hybrid models. We continuously
engage with all types of technology professionals—IT operations
professionals, DevOps professionals, and managed service providers
(MSPs)—to understand the challenges they face maintaining
high-performing and highly available IT infrastructures. The
insights we gain from engaging with them, in places like
our THWACK online community, allow us to build products
that solve well-understood IT management challenges in ways that
technology professionals want them solved. This focus on the user
and commitment to excellence in end-to-end hybrid IT performance
management has established SolarWinds as a worldwide leader in
network management software and MSP solutions. Learn more today
at www.solarwinds.com.
The SolarWinds, SolarWinds & Design, Orion, and THWACK
trademarks are the exclusive property of SolarWinds Worldwide, LLC
or its affiliates, are registered with the U.S. Patent and
Trademark Office, and may be registered or pending registration in
other countries. All other SolarWinds trademarks, service marks,
and logos may be common law marks or are registered or pending
registration. All other trademarks mentioned herein are used for
identification purposes only and are trademarks of (and may be
registered trademarks of) their respective companies.
© 2019 SolarWinds Worldwide, LLC. All rights reserved.
MEDIA CONTACTS:Emily Mullen Archetype Phone:
+1-212-331-8422 emily.mullen@archetype.co |
|
Kim CecchiniSolarWindsPhone:
+1-919-957-5019kim.cecchini@solarwinds.com |
SolarWinds (NYSE:SWI)
Historical Stock Chart
From Aug 2024 to Sep 2024
SolarWinds (NYSE:SWI)
Historical Stock Chart
From Sep 2023 to Sep 2024