Content, Content

State-backed Hackers Pose Greatest Threat to Public Sector Organizations, Study Says

Credit: Getty Images

Foreign government-sponsored hackers are the most malevolent source of IT security threats to public sector organizations, surpassing both careless/untrained insiders and the general hacking community, IT management software provider SolarWinds reports in a new survey.

Gleaned from 400 responses, the study’s data showed that the perceived threat of foreign governments has nearly doubled since 2014. The data consists of public sector IT operations and security decision-makers from the federal, state and local and education sectors.

Public-Private Partnerships Emphasized

Tim Brown, SolarWinds chief information security officer and security vice president said that data in the company’s eighth annual Public Sector Cybersecurity Survey Report shows the need for partnership between the public and private sectors to combat cyber threats. As he explained:

“If we continue to work together to assess top threats, secure IT environments, arm IT teams with the appropriate defenses, and implement formal strategies like zero-trust, public sector organizations will be better positioned to continue mission-critical activities without interruption.”

Key Findings From the Report

On IT security threats:

  • Public sector respondents now see foreign governments (60%) as the greatest source of IT security threats to their organizations, surpassing both careless/untrained insiders (58%) and the general hacking community (52%). In 2021, the general hacking community ranked first.
  • For federal respondents, foreign governments have become a significantly greater source of IT security threats over time, with reports nearly doubling from 2014 (34%) to 2023 (63%).
  • The top three sources of security threats have remained the same for federal IT professionals (since 2014) and the state, local, and education (SLED) audience (since 2019), which are foreign governments, careless/untrained insiders, and the general hacking community.
  • Public sector respondents reported trojans, spam, and ransomware as the three biggest IT security threats to their organizations.
  • Spam (58%) is the most common threat impacting public sector organizations over the last 12 months.
  • Among all public sector respondents, state and local government respondents (41%) see ransomware as a threat more than other public sector organizations (federal 32%; education 26%).
  • 15% of state and local respondents, 13% of education respondents, and 10% of federal respondents reported that their organization had been impacted by ransomware in the last 12 months.

On IT complexity:

  • For the first time, IT complexity (27%) surpasses budget constraints as the most significant obstacle public sector respondents say they face in hardening their cybersecurity posture.
  • 66% of respondents say their IT environment is extremely/very complex to manage, yet only 5% of respondents say they feel extremely confident in their ability to manage these environments.
  • IT complexity has increased across all public sector organization types, with state and local government respondents (25% in 2023 versus 12% in 2021) and education respondents (33% in 2023 versus 12% in 2021) reporting the largest jumps.
  • Survey respondents say the top three barriers to managing complex IT environments are an insufficient number of IT staff (41%), followed by time constraints (39%) and budget issues (35%).
  • Federal respondents (41%) reported significantly more concerns with budget constraints than state/local respondents (29%).

On software supply chain security:

  • Most public sector respondents express concern with their organization’s software supply chain security and feel vendor attestations and SBOMs are important.
  • Over half of respondents are moderately concerned with their software supply chain security. However, only two in 10 respondents are very or extremely concerned.
  • Two-thirds of respondents indicate vendor attestations are extremely/very important, and seven in 10 want them provided within 12 months.
  • Two-thirds of respondents have either begun requesting or are planning to request SBOMs from vendors. They say it is extremely/very important for vendors to provide information on how they develop and secure their software.

On Zero Trust:

  • The adoption and perceived importance of zero-trust approaches continue to increase.
  • 89% of public sector respondents (an all-time high) see the importance of implementing a zero trust approach. Up significantly from 2021, 85% of public sector organizations now use a formal or informal zero trust approach to IT security.
  • Of the zero trust approaches, the Office of Management and Budget (OMB) and Department of Defense (DoD) frameworks are relied on most, with each being cited by 33% of respondents.
  • 15% of respondents follow the National Institute of Standards and Technology (NIST) Zero Trust Architecture, and 10% follow the Cybersecurity and Infrastructure Security Agency’s (CISA) Zero Trust Maturity Model.
D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.