Include:
Tech
Cybersecurity
Business Strategy
Channel Insights
Stay Connected
Acer America
Acer America Corp. is a computer manufacturer of business and consumer PCs, notebooks, ultrabooks, projectors, servers, and storage products.

Location

333 West San Carlos Street
San Jose, California 95110
United States

WWW: acer.com

ChannelPro Network Awards

hello 2
hello 3

Press Releases

June 9, 2019 |

SolarWinds Finds Insider Threats Cited as Leading Cause of Security Incidents

New Study Underscores the Need for Affordable, Accessible Security Solutions

SolarWinds†(NYSE:†SWI), a leading provider of powerful and affordable IT management software, released findings from a new IDC†White Paper,†Affordable Tools and Shared Responsibilities Define Midmarket IT Security Trends,†sponsored by SolarWinds. The white paper is based on a survey of both IT and non-IT respondents on their organization’s cybersecurity practices to explore the threat landscape—revealing that organizations are prioritizing security in terms of budget and tool adoption but are vulnerable to even greater risks that exist within their organizations.

Specifically, nearly 62 percent of survey respondents cited user errors as the top cybersecurity threat within the company, claiming that user mistakes contributed to the largest attack exposure. Of these insider threats, more than half of survey respondents reported that regular employees (rather than executives or those with privileged access) pose the biggest risk for insider abuse or misuse.

Additional survey results pointed to the need for effective and affordable tools to help reduce deliberate and malicious attacks and avoid accidental configurations. And, while detection and monitoring tools are in place for larger external threats, the protective practices associated with basic cyberhygiene need additional focus.

“While the bad guys may be getting increasingly smarter, SolarWinds is upping the ante for the good guys,” stated Brandon Shopp, vice president, product strategy, security. “We meet the demand for affordability and effectiveness because we are focused on solving the security problems that technology professionals are trying to solve every day. We’re not trying to boil the ocean with overly-complex and expensive solutions. We help simplify security at all levels—from the initial threat identification stage through to recovery. That’s our promise.”

“Cybercriminals now operate as part of a well-oiled machine that can easily crank out a variety of attacks that are both random and focused in nature,” says Tim Brown, vice president of security, SolarWinds. “But in reality, an equally dangerous and even more imminent threat exists: internal users. Between mistakes and technology deployment misconfigurations, organizations are finding themselves highly susceptible to threats that are perpetuated from the inside, leaving themselves effectively wide open to attacks.”

SolarWinds’ breadth of security solutions includes†SolarWinds†Access Rights Manager (ARM),†SolarWinds Security Event Manager (SEM),†SolarWinds Threat Monitor,†SolarWinds Backup,†SolarWinds Mail Assure,†SolarWinds Passportal,†SolarWinds Risk Intelligence, and†SolarWinds Patch Manager—plus a suite of monitoring and management platforms with security baked in, including capabilities for robust endpoint detection and response. †

Key Findings

Organizations have demonstrated significant progress when it comes to defending against external threats but are still vulnerable to increasingly risky insider threats.

  • Cybersecurity has become a budgeted organizational expense rather than a proposal for funding; the need for effective and affordable tools to help reduce deliberate and malicious external attacks and avoid accidental configurations is being recognized.†
    • 65% of survey respondents expect their spend on security tools and services in 2019 to increase YoY, while 34% expect it to stay the same. Fewer than 1% expect their funds to decrease.
    • 40% are beginning to use threat intelligence to adjust configurations or search for vulnerable situations, while 48% prioritize vulnerability scanning, followed by SIEM adoption (47%).†
  • However, most problems and exposures are self-inflicted, with 62% of survey respondents citing users (insiders) making mistakes that put the company at risk as the top cybersecurity threat that led to incidents within the company.†
  • Fewer than half of survey respondents (47%) cited external bad actors infiltrating the network and systems as the leading case of cybersecurity issues.
  • Of the insider threats, more than 50% of survey respondents claim that regular employees (not privileged users) pose the biggest risk for insider abuse/misuse. Below employees, contractors (41%) and privileged IT admins (31%) were the next biggest threats.

Organizations are making a concerted effort to dedicate more budget toward solutions and tools to improve security measures but the tools are often cost-prohibitive.

  • While 65% of respondents report plans to increase their security spending in 2019, midmarket companies are still price conscious when it comes to security investments.†
    • 54% of respondents claim they would be able to improve their cybersecurity posture if security solutions were more affordable.

Cybersecurity teams are often overconfident when it comes to their abilities to defend their IT environments and must continue to pay equal attention to protective strategies.†††

  • Survey respondents revealed a misperception about handling security vs. the market reality. When asked about their confidence in their ability to use security technologies and defend their environments with the tools currently in place, the response came back as a four on a five-point scale.†
    • However, the skills ratings didn’t significantly change when the location of the tools was said to be in a public cloud (vs. on-premises) environment – despite the proliferation of reports detailing misconfigured cloud storage “buckets” and the increased complexity associated with identity management in hybrid, on-premises and cloud environments.†
  • When asked about technologies used to protect organizations from external and internal threats, only 32% cited endpoint protection and 27% cited patch management.†
    • This lack of patch management activities and reduced focus on network endpoints is alarming, as these basic cyberhygiene best practices must be combined with detection to help ensure that the “front door” isn’t left wide open.
  • While detection or monitoring tools are in place at most midmarket companies, protective practices need additional focus.†
    • The primary tactic used to respond to and recover from the incident is backup and recovery (79%).
    • The majority of the midmarket isn’t yet able to fund or conduct extensive forensic analysis activities leading to any patient zero identifications (28%).

The results presented in this study are derived from a survey link sent to both IT and non-IT respondents who declared themselves to be either knowledgeable or very knowledgeable about their organization’s cybersecurity practices.† All results were collected from a survey website during February 2019.

Of all the respondents, 66% were based in North America, 17% were from the United Kingdom, and 17% were from Germany, Austria, and Switzerland. Regarding company size, 56% of respondents were from midmarket organizations (100 to 1,000 employees), 24% of respondents were from large-scale organizations (1,000+ employees), and 20% of respondents were from small businesses (under 100 employees).


Editor’s Choice

MSP360 Bolsters Managed Backup Solution With Full Sharepoint Backup and Restore, Object Lock, and More

March 25, 2024 |

MSP360 CEO Brian Helwig details the latest improvements in its managed backup solutions and teases some new opportunities down the road for its partners in an exclusive ChannelPro interview.

Peer to Peer: Aurora’s Philip de Souza shares his secrets to creating a successful MSSP

March 19, 2024 | Philip de Souza

“It’s important that we understand when it comes to this whole MSP world that it’s all about the customer.”

Evolving State AI Regulations: Best Practices for Mitigating Risk

March 14, 2024 | Anurag Lal

While AI technologies can unlock tremendous business value, they also have potential risks.


Related News

Growing the MSP

Explore ChannelPro

Events

Reach Our Audience