PHOENIX, May 3, 2017 - BeyondTrust, the leading cyber-security company dedicated to preventing privilege misuse and stopping unauthorized access, today unveiled the results of its Federal Cyber-Security Threat Survey Report 2017. Based on a comprehensive survey of senior Federal IT professionals, the study exposes an aging Federal computing infrastructure which has led to an environment with an alarmingly high risk of breaches.
105 senior IT professionals working for federal agencies were asked about their computing infrastructure, security, breaches and IT modernization. A summary of the findings is included below.
Federal IT Managers Concerned About Antiquated Infrastructure
An overwhelming majority of Federal IT managers (81 percent) say aging IT infrastructures have a somewhat to extremely large impact on their cyber-security risk. Further, three of five (61 percent) say aging infrastructure is a roadblock to achieving federal cyber-security mandate compliance.
We found ample examples of aging infrastructure in our survey. For example, a surprising 47 percent of Federal agencies still use Windows XP, driving a third of respondents (35 percent) to report that this kind of aging infrastructure had a somewhat to large impact on their ability to effect vulnerability patching.
The impacts of aging federal infrastructure don’t stop there …
- Three of four say aging infrastructure is a somewhat to extremely large risk to their ability to achieve their mission.
- The biggest impacts include inefficiency, increased cyber risk and problems with compliance.
- Specific to cyber-security, the top impacts of an aging infrastructure are difficulty with patching, password management and privileged account management (PAM).
- Respondents cite aging infrastructure as the top roadblock in the way of achieving federal cyber-security mandates.
Aging Infrastructure Leads to Breaches
Aging infrastructure is not just a problem in theory; aging infrastructure makes federal systems more vulnerable to attack, which has led to an environment that could be ripe for breaches.
- 42 percent have experienced a data breach within the past 6 months.
- A staggering one in eight has experienced a data breach within the past 30 days.
- Put another way, the typical federal IT system experiences one breach every 347 days.
- Respondents report that the typical data breach costs more than $91,000.
- The total cost due to data breaches is $637 million every year.
- The most frequently reported costs include loss of productivity, loss of reputation and pure monetary damages.
Privileged Account Management: Gap Between Theory and Practice
We asked respondents what tools were most important to them in terms of securing their information environment. Here they ranked privileged access management and vulnerability patching as most important. This is significant as these technologies restrict user privileges and close off security weaknesses in systems.
Yet, despite understanding the importance of such measures, most (56 percent) use alternate solutions to manage privileged passwords and nearly two-thirds (63 percent) report less than fully mature vulnerability remediation programs. In fact, 6 percent have NO remediation plan, and another 14 percent do only the bare minimum required by compliance mandates.
What IT Can Do to Mitigate the Security Risk of Aging Federal Infrastructure
The BeyondTrust 2017 US federal government study points to four best practices that any agency can implement.
- Manage privileged credentials with greater discipline, eliminate administrator rights and enforce least privilege
Thirty percent of respondents believe that insider threats pose a significant threat and 35 percent believe their users have more privileges than are required. To mitigate insider threats and the exploitation of privileges, adopt a least privilege model by removing admin rights from users and storing all privileged credentials in a secure safe. Known escalation attacks have been around for years and are still being used. These attacks require local administrator rights. It’s not just about insiders. Enforcing least privilege prevents lateral movement within an organization if a breach does occur.
- Isolate legacy systems to reduce attack surfaces
Modernization of federal IT infrastructure is a priority for most survey respondents, but realistically this will not happen quickly. These aging systems have known risks. Reduce the attack surface by isolating legacy systems. Segment these systems to force all traffic through a proxy to reduce attack vectors. Deploy an automated password and session management solution that provides secure access control, auditing, alerting and recording for any privileged account. This will provide segmented access to critical systems, manage passwords, and monitor when tasks and operations are committed to a managed system.
- Improve the maturity of vulnerability management through automated patching