by Tim Brown, vice president of security, SolarWinds
The cybersecurity landscape is more sophisticated now than ever before; from spear-phishing to malware and ransomware, cybercriminals continue finding new ways to compromise businesses. While it’s never been easier for cybercriminals to conduct both random and focused attacks, in reality, an equally dangerous and even more imminent threat exists: internal user mistakes and technology deployment misconfigurations that leave businesses vulnerable to attacks.
SolarWinds recently released findings from a new IDC white paper, which found that organizations are prioritizing security in terms of budget and tool adoption but are vulnerable to even greater risks that exist within their organizations. The white paper, Affordable Tools and Shared Responsibilities Define Midmarket IT Security Trends is based on a survey of both IT and non-IT respondents on their organizations’ cybersecurity practices, designed to explore the threat landscape. The survey revealed an alarming trend: nearly 62 percent of survey respondents cited user errors as the top cybersecurity threat within the company, claiming that user mistakes contributed to the largest attack exposure.
Vulnerability to Insider Threats is Mounting
More than 50 percent of survey respondents claimed that employees (excluding privileged users and executives) pose the biggest risk for insider abuse and misuse. Below employees, contractors (41 percent) and privileged IT admins (31 percent) were the next biggest threats.
Fewer than half of survey respondents (47 percent) cited external bad actors infiltrating the network and systems as the leading cause of cybersecurity issues. Organizations have demonstrated progress when it comes to defending against external threats but are still vulnerable to increasingly risky insider threats.
Overconfidence in Skillsets
In addition to the mounting risks associated with insider threats, survey results also found that cybersecurity teams are often overconfident when it comes to their abilities to defend their IT environments and must continue to pay equal attention to protective strategies.
When asked about technologies used to protect organizations from external and internal threats, only 32 percent cited endpoint protection and 27 percent cited patch management. This lack of patch management activity and reduced focus on network endpoints is alarming, as these basic cyberhygiene best practices must be combined with detection to help ensure that the “front door” is not left open.
The Cost of Proactivity
Although detection or monitoring tools are in place at most midmarket companies, protective practices need additional focus. The primary tactic used to respond to and recover from incidents is backup and recovery (79 percent). The majority of the midmarket isn’t able to fund or conduct extensive forensic analysis activities leading to any patient zero identifications (28 percent).
While organizations are working to dedicate more budget toward solutions and tools to improve security measures, the tools are often cost-prohibitive. Sixty-five percent of respondents reported plans to increase their security spending in 2019, but midmarket companies are still price conscious when it comes to security investments. Fifty-four percent of respondents claimed they would be able to improve their cybersecurity posture if security solutions were more affordable.
As this survey shows, cybersecurity is a significant challenge for most organizations and midmarket companies are working tirelessly to defend against threats. The survey key findings point to the need for affordable, accessible security solutions to combat both external and internal attacks, or businesses run the risk of vulnerabilities turning into devastating attacks.