governments get failing grades in cybersecurity

Government still failing to protect IT systems

Federal, state and local government agencies all rank dead last in cybersecurity health when compared to 17 major private industries, such as education, construction, food and technology.

SecurityScorecard, which conducted the analysis, measured the security performance of government across 10 categories including application security, network security and password exposure.

Government agencies found to have the weakest security systems include NASA and the State Department and the states of Pennsylvania, Connecticut and Washington.

Although government agencies have struggled with protecting systems for years, there have been some particularly significant hacks and breaches lately that have leaked personal and sensitive information. The report tracked 35 breaches at the local, state and federal levels of government in the last year and performed detailed analysis on those at NASA, the FBI and the IRS, which suffered breaches early in 2016.  

The report offers recommendations for improving security, such as monitoring common vulnerabilities, exposures lists and vulnerability repositories for code that could exploit an infrastructure; investigating devices connected to the identified IP addresses; checking for evidence of malware infection; and ensuring that all Internet-facing services are updated to latest versions.

Those organizations with the top security postures include the Architect of the Capitol, the Bureau of Reclamation and Clark County, Nev., which received high scores in application security, DNS health, password exposure and endpoint security.  

Read the full report here.

About the Author

Derek Major is a former reporter for GCN.


  • business meeting (Monkey Business Images/

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected