Increased migration to and applications in the cloud make it more difficult to identify insider threats, according to 59 percent of government employees that responded to the MeriTalk Inside Job survey, underwritten by Symantec and released on May 15.
“As boundaries dissolve, the threat landscape is becoming more complex. Thanks to cloud adoption, endpoint multiplication, and the ever-growing remote workforce, insider threats are even more difficult to manage and prevent,” said Rob Potter, vice president of public sector at Symantec.
According to the report, despite the fact that 86 percent of respondents said that their agency has a formal insider threat program in place, 75 percent said insider threats are just as or more challenging to identify and mitigate today than one year ago.
“That, to me, would be the most alarming aspect of the report,” said Potter, explaining that cloud systems, though more cost effective, are harder to establish controls over. “The key part is the acquisition of technologies that address this and then proper implementation of them.”
Potter added that the use of tools like the NIST Cybersecurity Framework and technologies that monitor the accurate operation of various systems are important in reducing insider threats.
There has been a lot of cloud talk, but how are agencies putting it into action? Where is cloud making a difference in terms of agencies’ mission effectiveness? What tangible results are agencies–and their budgets–realizing from moving workloads to the cloud? Join government and industry thought leaders on Wednesday, June 7, for the 2017 Cloud Computing Brainstorm at the Newseum as we discuss how cloud can help make government IT great again.
“Agencies can establish better control over their cybersecurity programs and manage risk more effectively by leveraging the NIST Cybersecurity Framework to identify gaps in their security posture and chart a plan to address them,” said Potter. “Formal threat detection and response protocols, as well as systems for reporting and maintaining potential or actual incidents, are critical to preventing data loss.”
Despite the fact that insider threat continues to be a major problem, Potter said he finds it encouraging that 83 percent of Federal IT managers believe it is likely that the new administration will create policies that help agencies combat insider threats. According to Potter, this indicates that the administration is having the right kinds of conversations with agencies.
President Donald Trump signed a cybersecurity executive order on May 11 that places emphasis on modernizing IT systems to improve security and mandates that agencies use the NIST Cybersecurity Framework.
“The executive order is obviously an indication that we’re seeing strong progress in this direction,” said Potter, adding that he hopes such support will be backed up with funding for agencies. “That, to me, is very encouraging.”
According to Potter, the responses provided by government employees can also open up communication channels with agencies and encourage security improvements.
“Any time that you’re able to poll actual agencies and government workers and get information on what their views are, I almost feel that information is consumed more readily by the government agency,” said Potter.