Government IT Professionals May Be Overconfident in Detection Methods

Government IT Professionals May Be Overconfident in Detection Methods

July 11, 2016         Written By John H. Oldshue

Federal government IT professionals may be overconfident in their insider threat detection abilities, according to a recent study by Tripwire.

Tripwire, a provider of endpoint detection and response, security and compliance solutions, evaluated the confidence of 763 IT professionals from various industries, including 103 participants from the federal government.  The company looked at the professionals’ ability to deal with seven key security controls, which must be implemented quickly to detect a cyber attack in progress.

One of the major issues Tripwire uncovered is with privileged access. Not all employees should have access to the entire computer system, but 31% of the federal government respondents said they are not able to detect when non-privileged users attempt to access secure files.

Additionally, 73% of the federal respondents were under the mistaken impression that their system would generate an alert or email within hours if a non-privileged user or other outsider accessed files. But Verizon’s 2016 Data Breach Intelligence Investigations Report (DBIR) said these can take weeks, or even years, to detect.

With this in mind, it may not be surprising that the public sector sees more security incidents than any other industry.

“More and more, information security is about protecting sensitive data,” said Tim Erlin, director of IT security and risk strategy for Tripwire. “Federal government agencies have a gap in identifying when data is accessed and how it’s shared. We can expect more breaches to occur until these gaps are addressed.”

Other key findings include:

  • While 78% of government respondents believe they could find a new device on their network within hours, 52% do not know exactly how long the process would take.
  • More than half (58%) said their automated tools do not provide all of the information they need, including locations and departments, to more quickly identify unauthorized changes to endpoint devices.
  • When patching systems, only 25% of federal government employees receive an automated notification telling them whether or not every target system was successfully patched.
  • Nearly half (48%) said that detected vulnerabilities are not always fixed within 15 to 30 days.

“Authorization creep is something many organizations fail to address,” said Travis Smith, senior security research engineer for Tripwire. “As employees change roles or are promoted, their roles and responsibilities change; as does their access to confidential information. Protecting confidential information is more than reviewing access denied attempts; employees may be abusing authorized access as well. Following these recommended controls and continuous monitoring over critical and/or confidential information is vital to reduce the likelihood or impact of insider threat.”

The information contained within this article was accurate as of July 11, 2016. For up-to-date
information on any of the terms, cards or offers mentioned above, visit the issuer's website.


About John H. Oldshue

John Oldshue is the creator of He worked for over 15 years in television and won an Emmy award for his reporting. He covers credit card rate issues for
View all posts by John H. Oldshue
Featured Low Interest Card
Top Features : 1.25X miles on every purchase; no annual fee; bonus of 20,000 miles once $1,000 is spent in first 3 months
Featured No Annual Fee Card
Top Features : Earn cash back twice. 1% when you buy plus 1% as you pay; 0% APR for 18 months on balance transfers
Featured Bad Credit Card
Top Features : No Annual Fee; Cash Back match at the end of your first year; Social Security Alerts
Featured Fair Credit Card
Top Features : No annual fee; access to higher credit line after making first 5 monthly payments on time
Featured Limited/No Credit
Top Features : No annual fee; reports to major credit bureaus; access to higher credit line after making first 5 monthly payments on time
Featured Cash Back Card
Top Features : No Annual Fee, Bonus Offer, Cash Back