Recently, SIEM solution provider SolarWinds released the results of an IDC white paper they sponsored. This white paper, entitled Affordable Tools and Shared Responsibilities Define Midmarket IT Security Trends, explores the dangers of insider threats. Additionally, the report dives into other security vulnerabilities, such as the absence of patch management.
Key Findings From SolarWinds’ Report on Insider Threats
- Enterprises focus their cybersecurity efforts externally, even as security vulnerabilities from insider threats increase.
- Nearly 62% of enterprise IT and non-IT respondents cite user errors as their top cybersecurity insider threat.
- Meanwhile, close to half (49.7%) cited poor network system and application security as their greatest threats.
- Just over half (50.3%) say regular employees, rather than executives or privileged access users, create the most insider threat security vulnerabilities.
- In fact, the group causing the second-most insider threats is contractors and other third parties, at just over 40%.
Interestingly, the vast majority of enterprises rely primarily on backup and recovery to recover from cybersecurity incidents (79.3%). A smaller majority (55.3%) also call upon incident response plans. However, this does speak to a possible over-reliance on reactive tactics rather than proactive threat hunting in cybersecurity and SIEM.
Patch Management and SIEM
When SolarWinds and IDC asked their respondents what cybersecurity solutions they use to defend against external and insider threats, most cited email security; 66.3% rely on such a solution. Data encryption, identity and access management, and web application firewalls were the next most commonly used.
However, endpoint protection platforms (32.3%) and patch management (27.0%) remained shockingly low. The latter especially indicates a lack of consideration for cybersecurity hygiene; cybersecurity platforms and security analytics need patches for foundational threat intelligence and for limiting potential security holes.
Moreover, almost none of the enterprises surveyed call upon a full-fledged SIEM solution. Your business should not make the same mistake. Relying on a digital perimeter such as email security leaves you vulnerable to dwelling or evasive threats. SIEM offers the threat detection, remediation, and correlation necessary to discover the threats hiding in your network.
You can read the full Affordable Tools and Shared Responsibilities Define Midmarket IT Security Trends report from IDC and SolarWinds here. Also, you can learn more about SIEM solutions in our 2019 Buyer’s Guide.