About half of federal government IT professionals believe network data breach vulnerabilities go unresolved for 15 to 30 days and lack knowledge of the susceptibility-detection time gap, a recent Tripwire survey found.
Tripwire, a Portland, Ore.-based security company, said it commissioned market research firm Dimensional Research to poll 763 IT executives from diverse sectors, including 103 federal government respondents, to evaluate confidence in security controls aimed at facilitating cyberattack detection in endpoint devices.
The study discovered almost 80% of federal government participants confident their systems could identify new devices on networks within hours and 73% would detect non-privileged access within hours.
Another 58% of all Tripwire survey respondents said their automated platforms fail to identify data necessary to detect unwarranted endpoint device configuration changes.
Learning whether an organization's endpoint security can detect vulnerabilities and how long it takes to resolve them is necessary to seal any information security fissures.
"Federal government agencies have a gap in identifying when data is accessed and how it's shared," Director of IT Security and Risk Strategy at Tripwire Tim Erlin said. "We can expect more breaches to occur until these gaps are addressed."
Other findings: 73% of respondents said they thought their organizations had systems that would generate an email notification within hours of an intrusion.
About 58% of federal respondents told Tripwire their technology could not pick up important details about incidents, including location or the user's department, which would be necessary in finding unauthorized devices or exploits. Tripwire noted unease with authorization creep where employees retain and abuse old credentials access, even after changing positions.
Verizon's latest Data Breach Investigation report suggested 70% of insider breaches could take weeks or years to detect. Almost half of reported data breach incidents result from the misuse of privileged access to files that report found.
Join us at Credit Union Times' Fraud: Don't Let It Happen To Your Credit Union Conference, where you will find the latest tools and techniques for preventing fraud and data breaches; strategies for responding in the immediate aftermath and best practices for restoring reputation, financial stability and information security. This two-day conference is designed for credit union executives, boards of directors and those responsible for your credit union's cybersecurity policy. Register to attend and save $150.
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
Roy Urrico
Roy W. Urrico specializes in articles about financial technology and services for Credit Union Times, as well as ghostwriting, copywriting, and case studies. Also: writer/editor of a semi-annual newsletter for Association for Financial Technology since 1997 and history projects funded by the U.S Interior Department, National Park Service and Warren County (N.Y.).
