Careless or untrained employees were the top source of security concerns by agency IT decision makers in a recent survey, above various types deliberate attacks.
In the survey, conducted by a polling company hired by the SolarWinds IT firm, that concern was cited by 56 percent of respondents, above the 52 percent who cited foreign governments and the 48 percent who cited the general hacking community. Other concerns related to malicious insiders, hactivists, terrorists, industrial spies and for-profit crime.
The perception of careless/untrained employees as a security threat was cited by 42 percent in a similar 2014 survey. Similarly, 42 percent now report that threat as either worse or as a constant battle, compared with just 28 percent who say that is true of threats from malicious insider threats.
Among the 200 IT decision makers across federal agencies who were polled, budget constraints were named as the top obstacle to maintaining or improving agency IT security, although that was down from 40 percent in 2014. Other top hindrances included the complexity of the internal environment and competing priorities and other initiatives. Lacks of top-level direction, manpower and training were cited by between 5 and 10 percent.