Public sector organizations are crippled by a lack of automation when trying to protect themselves against cybersecurity threats, a report revealed this week.
The report, called Cyber Security in Public Sector: 5 Insights You Need to Know, was sponsored by Tenable and compiled by the Ponemon Institute. It surveyed 244 public sector employees in the US, UK, Germany, Australia, Mexico and Japan in charge of cybersecurity solutions. It found that 88% of respondents had suffered at least one damaging cyber-attack in the last two years, with 62% suffering two or more.
Only 23% of respondents said that they had adequate visibility of their attack surface, citing a lack of personnel. There are just too many vulnerabilities to cope with, making scanning difficult, they complained.
A lack of automation is a key hindrance here: 51% of respondents admitted that security staff spent more time navigating manual responses than responding to vulnerabilities. This contributed to the backlog. Only 38% incorporated threat intelligence into decisions about which assets to protect first. In fact, nearly half (44%) prioritised threats based on how easy they were to fix.
Vulnerability scanning is one area where automation can help to highlight emerging risks, but public-sector organizations perform poorly here. In fact, 44% of them have no set schedule for vulnerability scanning, and 25% of them don't scan at all.
The kinds of threats that public sector cybersecurity pros worry about versus those that they experience are revealing. More than half of public sector organizations had suffered credential theft after employees fell for phishing scams, but only 33% considered this a worrisome threat. Similarly, malware had disrupted business processes in 39% of organizations, but only 23% of respondents were concerned.
In other cases, they were very worried about threats that relatively few had experienced. One third of all respondents worried about economic espionage, but only 2% had experienced it, whilst 67% fretted about third-party misuse of confidential information, but only 34% had seen this happen.
When it comes to data breaches, the public sector has seen some humdingers. One of the most notable was the Office of Personnel Management (OPM) breach that saw hackers slurp detailed personal data on at least 22.1 million people. Last year saw an attack on SingHealth that revealed the Singapore Prime Minister’s health data, and a slip-up by the US Postal Service saw it expose data on 60 million people for at least a year after it failed to heed experts’ warnings.
Throwing people at the problem isn't enough, as vulnerabilities and network incidents alike increase, the public sector needs automation to help it fight attackers.
The topic of Governance, Risk and Compliance will be covered throughout the free-to-attend conference at Infosecurity Europe in London from 4-6 June. See all the talks on Governance, Risk and Compliance here. Infosecurity Europe is the leading European event for information and cyber security; find out more and secure your free visitor badge.
