For the first time in five years, external threats eclipse insider threats as the biggest cybersecurity concern for the public sector

The growing importance of the general hacking community and cyber attacks led by foreign governments is forcing the public sector to reassess its security stance.

RESTON, Virginia, January 11, 2022– (BUSINESS WIRE) – SolarWinds (NYSE: SWI), a leading provider of simple, powerful and secure IT management software, today announced the findings of its seventh cybersecurity investigation report in the public sector. * This survey includes responses from 400 computer scientists. operations and security decision-makers, including 200 federal respondents, 100 state and local respondents, and 100 education respondents.

“These results demonstrate that while computer security threats have increased, primarily from the general hacking community and foreign governments, the ability to detect and remediate these threats has not increased at the same rate, leaving vulnerable public sector organizations, ”said Brandon Shopp, Group Vice President, Product Strategy, SolarWinds. But the data also shows an increased awareness and adoption of zero trust, as well as a commitment to invest in IT solutions and adopt cybersecurity best practices outlined in the administration decree on cybersecurity. It is through these steps that public sector organizations can improve their cybersecurity posture and combat the rising tide of external threats. “

Main conclusions of 2021:

  • The general hacking community (56%) is the biggest source of security threats in public sector organizations, followed closely by careless / untrained insiders (52%) and foreign governments (47%). For the first time in five years, careless insiders were not listed as the number one security threat.

    • State and local governments (63%) are significantly more likely than other public sector groups to be concerned about the threat from the general community of piracy.

    • Respondents from federal civilian agencies (58%) are more likely to point to negligent insiders as a threat compared to the defense community (41%).

  • Cyber ​​security threats from foreign governments (56%) are behind the largest increase in concern among public sector respondents.

    • Defense respondents (68%) are the most likely to view foreign governments as a threat to cybersecurity, compared to civilian (53%), state and local (46%) and education ( 25%).

  • When asked about specific types of security breaches, the level of public sector concern about ransomware (66%), malware (65%) and phishing (63%) has increased the most over the past year .

  • Detection and resolution times have not improved with increasing IT security threats and breach issues.

  • Lack of training (40%), low budgets and resources (37%) and expansion of the scope (32%) due to the increase in remote work continue to plague security professionals in the sector. public.

    • Respondents also highlighted insufficient data collection and monitoring as a major obstacle to detecting threats (31%).

    • Respondents from state governments (50%) indicate more than local governments (25%) that budget constraints are a barrier to maintaining or improving IT security.

    • Education respondents are the most likely to have difficulty identifying the root cause of security problems, hampering their ability to detect and remediate these threats.

  • Respondents from the public sector suggest improving investigative and remediation capacities, as well as reducing obstacles to sharing information on threats between the public and private sectors, as the top priorities for compliance with the Executive Decree on cybersecurity.

    • Among SLED organizations, 86% are likely to adopt cybersecurity best practices and activities from the Cybersecurity Executive Decree, including almost 100% of respondents from K-12 schools.

  • Over 75% of public sector respondents note that their organizations rely on a formal or informal zero-trust approach.

    • A majority of public sector respondents are aware of the principle of least privilege (PoLP), and 70% of respondents are already implementing PoLP or will implement PoLP within the next 12 months.

  • The majority of public sector respondents realize the importance of IT security solutions and prioritize their investments over the next 12 months, with network security software (77%) being the top priority.

    • The priority for investing in IT modernization is focused on replacing legacy applications (60%) and migrating systems to the cloud (60%).

    • In terms of customer experience, IT service management (59%) holds the investment priority. And for digital transformation, implementing stakeholder platforms and portals (57%) is essential.

“Public sector organizations are increasingly concerned about threats from foreign governments,” said Tim Brown, CISO and vice president of security, SolarWinds. “Looking at the survey data, it is encouraging to see that a majority of the public sector is actively seeking to follow the roadmap outlined in the Executive Decree on Administration Cybersecurity, including improved data sharing. between the public and private sectors. This is a key pillar of SolarWinds. The Secure by Design approach, which encourages government and industry to present a united front against criminals and foreign cyber actors. “

Supporting quotes:

“Remote access is improving and will continue to be a priority.”

– Defense / Military

“The biggest challenge is finding and hiring qualified IT employees, and then retaining them. “

– Federal civil

“If you and your customers are based in the United States, relocation can help alleviate some of the unknowns in the supply chain. The question is, how many unknowns in the supply chain will remain unknown? “

– Defense / Military

* In October 2021, independent market research firm Market Connections, Inc. interviewed 400 IT security professionals in U.S. federal civil and defense agencies, state and local governments, and education. The survey was conducted on behalf of SolarWinds. Full survey results are available on request.

Additional resources

Connect with SolarWinds




# SWIsecurity

About SolarWinds

SolarWinds (NYSE: SWI) is a leading provider of simple, powerful, and secure IT management software. Our solutions empower businesses around the world – regardless of type, size or complexity – to accelerate business transformation in today’s hybrid IT environments. We are continuously working with technology professionals – IT services and operations professionals, DevOps and SecOps professionals, and database administrators (DBAs) – to understand the challenges they face in maintaining infrastructure, High performance and highly available computing applications and environments. The information we gain from it, in places like our THWACK community, enables us to meet customer needs today and in the future. Our user focus and commitment to excellence in end-to-end hybrid IT management has made SolarWinds a global leader in observability, IT service management, application performance and database management solutions. of data. Learn more today at

The SolarWinds, SolarWinds & Design, Orion and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the US Patent and Trademark Office, and may be registered or pending registration in other country. All other SolarWinds marks, service marks and logos may be common law marks or are registered or pending registration. All other trademarks cited herein are used for identification purposes only and are trademarks of (and may be registered trademarks) of their respective companies.

© 2022 SolarWinds Worldwide, LLC. All rights reserved.

See the source version on


Emily brown
Phone: 1-703-287-7820
[email protected]

Jessica primanzon
Solar winds
Phone: + 1-301-672-5351
[email protected]

Shirlene J. Manley