The public sector is more concerned about external than internal threats

SolarWinds announced the findings of its Public Sector Cybersecurity Survey Report. This survey includes responses from 400 IT operations and security decision makers, including 200 federal, 100 state and local, and 100 education respondents.

“These results demonstrate that while IT security threats have increased—primarily from the general hacking community and foreign governments—the ability to detect and remediate such threats has not increased at the same rate, leaving public sector organizations vulnerable,” said Brandon Shopp, Group VP, Product Strategy, SolarWinds.

“But the data also shows an increased awareness and adoption of zero trust, as well as a commitment to invest in IT solutions and adopt cybersecurity best practices outlined in the Administration’s Cybersecurity Executive Order. It’s through these steps that public sector organizations can enhance their cybersecurity posture and fight the rising tide of external threats.”

The state of cybersecurity in the public sector

The general hacking community (56%) is the largest source of security threats at public sector organizations, followed closely by careless/untrained insiders (52%) and foreign governments (47%). For the first time in five years, careless insiders were not listed as the top security threat.

• State and local governments (63%) are significantly more likely than other public sector groups to be concerned about the threat of the general hacking community.
• Federal civilian agency respondents (58%) are more likely to indicate careless insiders as a threat compared to the defense community (41%).

Cybersecurity threats from foreign governments (56%) are responsible for the greatest increase in concern among public sector respondents.

• Defense respondents (68%) are the most likely to note foreign governments as a cybersecurity threat, compared to civilian (53%), state and local government (46%), and education (25%) respondents.

When asked about specific types of security breaches, the public sector’s level of concern over ransomware (66%), malware (65%), and phishing (63%) has increased the most over the last year.

Time to detection and resolution have not improved at the rate of increased IT security threats and breach concerns.

• About 60% of respondents noted both the time to detection and time to resolution remained the same or worsened between 2020 and 2021.

Lack of training (40%), low budgets and resources (37%), and the expanded perimeter (32%) as a result of increased remote work continue to plague public sector security pros.

• Respondents also pointed to insufficient data collection and monitoring as a key impediment to threat detection (31%).
• State government respondents (50%) indicate more so than local governments (25%) that budget constraints are an obstacle to maintaining or improving IT security.
• Education respondents are the most likely to struggle to identify the root cause of security issues, hampering their ability to both detect and remediate such threats.

Public sector respondents suggest improving investigative and remediation capabilities, as well as reducing barriers to sharing threat information between public and private sectors, as the top priorities for compliance with the Cybersecurity Executive Order.

• Among SLED organizations, 86% are likely to adopt cybersecurity best practices and activities from the Cybersecurity Executive Order, including almost 100% of respondents from K-12 schools.

More than 75% of public sector respondents note their organizations rely on a formal or informal zero-trust approach.

• A majority of public sector respondents are familiar with the principle of least privilege (PoLP), and 70% of respondents are either already implementing PoLP or will implement PoLP within the next 12 months.

The majority of public sector respondents realize the importance of IT security solutions and prioritize their investments highly in the next 12 months, with network security software (77%) being the top priority.

• IT modernization investment priority leans toward replacing legacy applications (60%) and migrating systems to the cloud (60%).
• When it comes to customer experience, IT services management (59%) holds investment priority. And for digital transformation, implementing stakeholder platforms and portals (57%) is key.

“Public sector organizations are increasingly concerned about the threats from foreign governments,” said Tim Brown, CISO and VP of Security, SolarWinds. “In looking at the survey data, it’s encouraging that a majority of the public sector is actively seeking to follow the roadmap outlined in the Administration’s Cybersecurity Executive Order, including enhanced data sharing between public and private sectors.”