Dive Brief:
- The Office of Management and Budget highlighted the need for agencies to mitigate insider threats in the Cybersecurity Strategy and Implementation Plan it rolled out last month.
- OMB's plan asks agencies to enable stronger identity and access management and to improve employee training on security issues.
- In a recent survey of federal IT managers sponsored by Symantec, 45% of respondents said they had been targeted by an insider threat in the past year, while 29% reported that their agency had lost data as a result.
Dive Insight:
OMB says insider threats are often overlooked, though the Symantec survey indicates that agencies are beginning to focus more on threats posed by insiders. Of the respondents, 76% said that they are more focused on combating insider threats today than they were a year ago, and 55% said their agency has a formal program in place to address them. Many insider threats result from weak access controls and a lack of employee awareness rather than malicious intent, Symantec said.
"Training is most effective to better understand and prevent unintentional threat risks -- from top to bottom. Every user is a critical part of an agency's cyber defense. In many ways, they are on the front line," said Ken Durbin, unified security practice manager with Symantec's public sector division. "The more often agencies remind their employees to update passwords, and other protocols to prevent breaches, the more likely they will be to comply and be willing to help defend the network. This is just as important for leadership as it is for lower-level employees -- creating a culture of security awareness can have a significant impact."
Over the summer, federal CIO Tony Scott held a federal cybersecurity sprint. It found that 14 major civilian agencies surpassed his goal of 75% for strong authentication and that several agencies hit 100% for privileged users alone, but that ten agencies missed the mark.