Post-Snowden contractors tighten security
- By Mark Hoover
- Feb 04, 2014
A large majority of contractors have changed their security practices in light of the Edward Snowden data breaches.
A new study released by ThreatTrack Security and conducted by Opinion Matters found that 75 percent of respondents claiming that the breaches have changed their companies’ cybersecurity practices.
Sixty-three percent of the respondents hold either secret, top secret, or confidential clearances, but out of those who have access to confidential information, 27 percent do not hold such clearances, representing a potential privileged access problem where contractor employees without these clearances might have access to sensitive government data, ThreatTrack said in a release.
The survey found:
55 percent of respondents say that their employees now receive more cybersecurity awareness training.
52 percent have reviewed or re-evaluated employee data access privileges.
47 percent are on higher alert for anomalous network activity by employees.
41 percent have implemented stricter hiring practices.
39 percent said that their own IT administrative rights have been restricted.
On the topic of guidance from the government, 88 percent of respondents felt that they get what they need when it comes to government support on protecting sensitive data, but 62 percent still reported that they are concerned that their organization is still vulnerable to APTs, malware attacks and cybercrime/cyberespionage.
Twenty-nine percent said that there is not enough budget for the right cyber tools, with 22 percent saying that they do not have access to an automated malware analysis solution that can detect and ward off threats in real-time. Twenty-six percent reported that there is a shortage of security personnel on staff, the survey said.
An executive report with additional analysis can be found here.
Mark Hoover is a senior staff writer with Washington Technology. You can contact him at email@example.com, or connect with him on Twitter at @mhooverWT.