SolarWinds (NYSE:SWI), a leading provider of powerful and affordable IT management software, today announced the findings of its sixth annual Public Sector Cybersecurity Survey Report.* This year's survey includes responses from 400 IT operations and security decisionmakers, including 200 federal, 100 state and local, and 100 education respondents. This is the first year the survey includes state, local, and education (SLED) respondents.
"Complexity is a big theme in this year's survey," said Brandon Shopp, vice president for product strategy at SolarWinds. "Led only by budget constraints, complexity of internal environments is one of the most significant high-level obstacles to maintaining or improving IT security, and respondents indicated it's keeping them from easily segmenting users and adopting a zero-trust approach. Our data shows this complexity is getting worse, especially in federal environments. SolarWinds is committed to helping technology professionals across the spectrum, no matter the organizational size or budget, to ?de-complicate' security and solve the problems they need to solve, every day, like we do with all our tech solutions. This survey highlights the need for vendor partners who take this kind of approach."
2020 Key Findings
For the fifth year in a row, careless and untrained insiders are the leading source of security threats for public sector organizations.
Budget constraints, followed by complexity, top the list of significant obstacles to maintaining or improving organizational IT security.
Cybersecurity maturity needs attention across public sector organizations; on average, respondents rated their agency's maturity at a 3.5 on a scale of one to five.
Less than half of public sector respondents are very confident in their team's ability to keep up with evolving threats, regardless of whether the organization outsources its security operations or not.
Most public sector organizations measure the success of their IT security teams by evaluating metrics such as the number of detected incidents (58%) or their team's ability to meet compliance goals (53%), which, as standalone metrics, may not accurately reflect an agency's risk profile or the IT team's success.
Public sector organizations struggle to segment users by risk level and manage the security threats posed by both privileged and non-privileged users.
"These results clearly demonstrate the degree to which most public sector organizations are struggling to manage cyber risk," said Tim Brown, vice president of security for SolarWinds. "While it's heartening to see that almost two-thirds of respondents are formally segmenting users?a helpful step in managing risk?the data finds careless and untrained users to still be the weakest link. Additionally, we're seeing a widespread lack of organizational maturity?even in technologies like endpoint protection that have been around forever. It's therefore no surprise that only four in ten respondents feel very confident their security team can keep up with the evolving threats."
Supporting Quotes
"Security is everyone's job, but holding the team accountable is lacking. Until there are real individual accountability regimens in place, the network will remain at risk."
- Division Chief, Federal Civilian
"Our organization operates in denial with a preference for reactionary behavior instead of operating proactively. Government agencies tend to view IT spending as throwing money into a black hole until something occurs."
- Sr. IT Project Manager and Analyst, State Government
"Everything starts at the top. If C-level doesn't put an emphasis on security, it puts us at risk."
- IT Manager, Local Government
"Meeting the online needs of 12,000 plus students always presents challenging security issues, but we have been able to manage without a major event so far."
- VP of Operations, Higher Education
"Not enough manpower, money, or resources. Waiting for a ticking bomb to go off."
- CTO, K-12
*In December 2019 and January 2020, independent market research firm Market Connections, Inc. surveyed 400 IT security professionals in U.S. federal civilian and defense agencies, state and local government, and education. The survey was conducted on behalf of SolarWinds. Full survey results are available upon request.
Additional Resources
Connect with SolarWinds
#SWI
#SWIcorporate
#SWIsecurity
About SolarWinds
SolarWinds (NYSE:SWI) is a leading provider of powerful and affordable IT management software. Our products give organizations worldwide?regardless of type, size, or complexity?the power to monitor and manage their IT services, infrastructures, and applications; whether on-premises, in the cloud, or via hybrid models. We continuously engage with technology professionals?IT service and operations professionals, DevOps professionals, and managed services providers (MSPs)?to understand the challenges they face in maintaining high-performing and highly available IT infrastructures and applications. The insights we gain from them, in places like our THWACK community, allow us to solve well-understood IT management challenges in the ways technology professionals want them solved. Our focus on the user and commitment to excellence in end-to-end hybrid IT management has established SolarWinds as a worldwide leader in solutions for network and IT service management, application performance, and managed services. Learn more today at www.solarwinds.com.
The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes only and are trademarks of (and may be registered trademarks of) their respective companies.
© 2020 SolarWinds Worldwide, LLC. All rights reserved.
These press releases may also interest you
|