The public sector is more concerned about external threats than internal ones

SolarWinds has announced the findings of its public sector cybersecurity investigation report. This survey includes responses from 400 IT operations and security managers, including 200 federal respondents, 100 state and local, and 100 education respondents.

“These results demonstrate that while cybersecurity threats have increased, primarily from the general hacker community and foreign governments, the ability to detect and remediate these threats has not increased at the same rate. , leaving public sector organizations vulnerable,” said Brandon Shopp, Group Vice President, Product Strategy, SolarWinds.

“But the data also shows increased awareness and adoption of zero trust, as well as a commitment to investing in IT solutions and adopting cybersecurity best practices outlined in the administration’s Executive Order on Cybersecurity. . It is through these steps that public sector organizations can improve their cybersecurity posture and combat the rising tide of external threats.

The state of cybersecurity in the public sector

The general hacker community (56%) is the top source of security threats to public sector organizations, followed closely by negligent/untrained insiders (52%) and foreign governments (47%). For the first time in five years, careless insiders were not listed as the top security threat.

  • State and local governments (63%) are much more likely than other public sector groups to be concerned about the threat from the general hacker community.
  • Respondents from federal civilian agencies (58%) are more likely to cite negligent insiders as a threat compared to the defense community (41%).

Cybersecurity threats from foreign governments (56%) caused the greatest increase in concern among public sector respondents.

  • Defense respondents (68%) are the most likely to view foreign governments as a threat to cybersecurity, compared to civilian (53%), state and local government (46%) and education respondents ( 25%).

When asked about specific types of security breaches, the public sector’s level of concern about ransomware (66%), malware (65%) and phishing (63%) increased the most over the past year. ‘last year.

Detection and resolution times have not improved at the rate of the increase in IT security threats and breach issues.

  • About 60% of respondents noted that time to detection and time to resolution remained the same or deteriorated between 2020 and 2021.

Lack of training (40%), low budgets and resources (37%), and expanding scope (32%) due to increased remote working continue to plague industry security professionals public.

  • Respondents also highlighted insufficient data collection and monitoring as the main obstacle to detecting threats (31%).
  • Respondents from state governments (50%) indicate more than local governments (25%) that budget constraints are a barrier to maintaining or improving IT security.
  • Respondents in the education sector are most likely to struggle to identify the root cause of security issues, which hampers their ability to detect and remediate these threats.

Public sector respondents suggest improving investigation and remediation capabilities, as well as reducing barriers to threat information sharing between the public and private sectors, as key priorities for compliance with the Executive Order on cybersecurity.

  • Among SLED organizations, 86% are likely to adopt Cybersecurity Executive Order cybersecurity best practices and activities, including nearly 100% of K-12 school respondents.

More than 75% of public sector respondents note that their organizations rely on a formal or informal zero-trust approach.

  • A majority of public sector respondents are aware of the Principle of Least Privilege (PoLP), and 70% of respondents are already implementing PoLP or will implement it within the next 12 months.

The majority of public sector respondents realize the importance of IT security solutions and highly prioritize their investments over the next 12 months, with network security software (77%) being the top priority.

  • The IT modernization investment priority is geared towards replacing legacy applications (60%) and migrating systems to the cloud (60%).
  • When it comes to customer experience, IT service management (59%) is the investment priority. And for digital transformation, setting up stakeholder platforms and portals (57%) is essential.

“Public sector organizations are increasingly concerned about threats from foreign governments,” said Tim Brown, CISO and vice president of security at SolarWinds. “In reviewing the survey data, it is encouraging to see that a majority of the public sector is actively seeking to follow the roadmap outlined in the administration’s cybersecurity executive order, including enhanced data sharing. between the public and private sectors.

Shirlene J. Manley