External cybersecurity threats on the rise in public sector, report says
For the first time in five years, external threats are a bigger concern than internal threats, a report says
By Police1 Staff
RESTON, Va. — The public sector is facing a growing risk of external cyberattacks as security measures fail to keep pace with the increasing cyber threat environment, according to a new report from SolarWinds, a provider of IT management software. On Tuesday, SolarWinds released its seventh Public Sector Cybersecurity Survey Report, which features responses from 400 IT operations, including 200 federal, 100 state and local, and 100 education respondents.
“These results demonstrate that while IT security threats have increased – primarily from the general hacking community and foreign governments – the ability to detect and remediate such threats has not increased at the same rate, leaving public sector organizations vulnerable,” said Brandon Shopp, vice president of product strategy at SolarWinds, in a statement. “But the data also shows an increased awareness and adoption of zero trust, as well as a commitment to invest in IT solutions and adopt cybersecurity best practices outlined in the Administration’s Cybersecurity Executive Order. It’s through these steps that public sector organizations can enhance their cybersecurity posture and fight the rising tide of external threats.”
According to the release, an increase in general hacking is the largest source of cybersecurity threats to public sector organizations. This is the first time in five years that internal threats, also called careless or untrained insiders, were not the biggest threat to the public sector, the report says. Threats from foreign governments represented the greatest increase in concern among public sector agencies.
[RELATED: 3 strategies to mitigate cybercrime]
Below are other key findings from the report:
The general hacking community (56%) is the largest source of security threats at public sector organizations, followed by careless/untrained insiders (52%) and foreign governments (47%).
State and local governments (63%) are significantly more likely than other public sector groups to be concerned about the general hacking community.
When asked about specific types of security breaches, the public sector’s level of concern over ransomware (66%), malware (65%), and phishing (63%) has increased the most in the last year.
Time to detection and resolution have not improved at the rate of increased IT security threats and breach concerns.
Defense respondents (68%) are the most likely to note foreign governments as a cybersecurity threat, compared to civilian (53%), state and local government (46%), and education (25%) respondents.
Read the full Public Sector Cybersecurity Survey Report below: