Foreign Governments Now Seen as Leading Cybersecurity Threat as The Public Sector Battles Increasing IT Complexity
May 09 2023 - 7:30AM
Business Wire
Data shows that the perceived threat of foreign
governments has nearly doubled since 2014
SolarWinds (NYSE:SWI), a leading provider of simple, powerful,
and secure observability and IT management software, today
announced the findings of its eighth annual Public Sector
Cybersecurity Survey Report. This year’s survey includes responses
from 400 public sector IT operations and security decision-makers,
including 200 federal, 100 state and local, and 100 education
respondents.
“The threat foreign governments pose to the security of
government IT systems has steadily increased throughout the
years,'' said Brandon Shopp, Group Vice President, Product Strategy
at SolarWinds. “However, it is reassuring to see this year’s data
showing public sector organizations continue to recognize top
security threats, adopt zero-trust strategies, and seek vendor
attestations and SBOMs to better secure the software supply chain –
all of which are crucial to maintaining a high standard of security
across federal and state government, as well as in the education
and defense sectors.”
2023 Key Findings:
IT Security Threats
- Public sector respondents now see foreign governments (60%) as
the greatest source of IT security threats to their organizations,
surpassing both careless/untrained insiders (58%) and the general
hacking community (52%). In 2021, the general hacking community
ranked first.
- For federal respondents, foreign governments have become a
significantly greater source of IT security threats over time, with
reports nearly doubling from 2014 (34%) to 2023 (63%).
- The top three sources of security threats have remained the
same for federal IT professionals (since 2014) and the state,
local, and education (SLED) audience (since 2019), which are
foreign governments, careless/untrained insiders, and the general
hacking community.
- Public sector respondents reported trojans, spam, and
ransomware as the three biggest IT security threats to their
organizations.
- Spam (58%) is the most common threat impacting public sector
organizations over the last 12 months.
- Among all public sector respondents, state and local government
respondents (41%) see ransomware as a threat more than other public
sector organizations (federal 32%; education 26%).
- 15% of state and local respondents, 13% of education
respondents, and 10% of federal respondents reported that their
organization had been impacted by ransomware in the last 12
months.
IT Complexity
- For the first time, IT complexity (27%) surpasses budget
constraints as the most significant obstacle public sector
respondents say they face in hardening their cybersecurity posture.
- 66% of respondents say their IT environment is extremely/very
complex to manage, yet only 5% of respondents say they feel
extremely confident in their ability to manage these
environments.
- IT complexity has increased across all public sector
organization types, with state and local government respondents
(25% in 2023 versus 12% in 2021) and education respondents (33% in
2023 versus 12% in 2021) reporting the largest jumps.
- Survey respondents say the top three barriers to managing
complex IT environments are an insufficient number of IT staff
(41%), followed by time constraints (39%) and budget issues (35%).
- Federal respondents (41%) reported significantly more concerns
with budget constraints than state/local respondents (29%).
Software Supply Chain Security
- Most public sector respondents express concern with their
organization’s software supply chain security and feel vendor
attestations and SBOMs are important.
- Over half of respondents are moderately concerned with their
software supply chain security. However, only two in 10 respondents
are very or extremely concerned.
- Two-thirds of respondents indicate vendor attestations are
extremely/very important, and seven in 10 want them provided within
12 months.
- Two-thirds of respondents have either begun requesting or are
planning to request SBOMs from vendors. They say it is
extremely/very important for vendors to provide information on how
they develop and secure their software.
Zero-Trust
- The adoption and perceived importance of zero-trust approaches
continue to increase.
- 89% of public sector respondents (an all-time high) see the
importance of implementing a zero-trust approach. Up significantly
from 2021, 85% of public sector organizations now use a formal or
informal zero-trust approach to IT security.
- Of the zero-trust approaches, the Office of Management and
Budget (OMB) and Department of Defense (DoD) frameworks are relied
on most, with each being cited by 33% of respondents.
- 15% of respondents follow the National Institute of Standards
and Technology (NIST) Zero Trust Architecture, and 10% follow the
Cybersecurity and Infrastructure Security Agency’s (CISA) Zero
Trust Maturity Model.
“This year’s data highlights the increasing need for continued
partnership between the public and private sectors,” said Tim
Brown, CISO and Vice President of Security, SolarWinds. “If we
continue to work together to assess top threats, secure IT
environments, arm IT teams with the appropriate defenses, and
implement formal strategies like zero-trust, public sector
organizations will be better positioned to continue
mission-critical activities without interruption.”
Supporting Quotes:
“The daily threats of compromised security are a growing
problem, and it’s extremely important to stay ahead of the game and
combat any potential attacks.” - Defense / Military
“Data leaks and cyberattacks are growing alarmingly and need to
be checked.” - Defense / Military
“Staff need to understand more about the global threat
landscape.” - Federal Civilian
“Lack of zero-trust implementation on the part of workers will
open a wide space for hackers to compromise the data security and
use them for malicious purposes.” - Education: K-12
*In January 2023, independent market research firm Market
Connections, Inc. surveyed 400 IT security professionals in U.S.
federal civilian and defense agencies, state and local government,
and education. The survey was conducted on behalf of SolarWinds.
Full survey results are available upon request.
Additional Resources
- SolarWinds 2023 Cybersecurity Survey Report
- SolarWinds Government Solutions
- SolarWinds Transformational Defense Solution
- SolarWinds Federal Compliance Solution
Connect with SolarWinds
- THWACK®
- Twitter®
- LinkedIn®
- Facebook®
#SWI #SWIcorporate #SWIresearch
#SWIsecurity
About SolarWinds
SolarWinds (NYSE:SWI) is a leading provider of simple, powerful,
secure observability and IT management software built to enable
customers to accelerate their digital transformation. Our solutions
provide organizations worldwide—regardless of type, size, or
complexity—with a comprehensive and unified view of today’s modern,
distributed, and hybrid network environments. We continuously
engage with IT service and operations professionals, DevOps and
SecOps professionals, and database administrators (DBAs) to
understand the challenges they face in maintaining high-performing
and highly available hybrid IT infrastructures, applications, and
environments. The insights we gain from them, in places like our
THWACK community, allow us to address customers’ needs now and in
the future. Our focus on the user and our commitment to excellence
in end-to-end hybrid IT management have established SolarWinds as a
worldwide leader in solutions for observability, IT service
management, application performance, and database management. Learn
more today at www.solarwinds.com.
The SolarWinds, SolarWinds & Design, Orion, and THWACK
trademarks are the exclusive property of SolarWinds Worldwide, LLC
or its affiliates, are registered with the U.S. Patent and
Trademark Office, and may be registered or pending registration in
other countries. All other SolarWinds trademarks, service marks,
and logos may be common law marks or are registered or pending
registration. All other trademarks mentioned herein are used for
identification purposes only and are trademarks of (and may be
registered trademarks of) their respective companies.
© 2023 SolarWinds Worldwide, LLC. All rights reserved.
View source
version on businesswire.com: https://www.businesswire.com/news/home/20230509005155/en/
Keelyn Leonard REQ Phone: +1-703-595-5458 kleonard@req.co
Jenne Barbour SolarWinds Phone: +1-512-498-6804
pr@solarwinds.com
SolarWinds (NYSE:SWI)
Historical Stock Chart
From Aug 2024 to Sep 2024
SolarWinds (NYSE:SWI)
Historical Stock Chart
From Sep 2023 to Sep 2024