Report: Public-sector cyber forecast looks mostly sunny
Government IT managers are identifying and implementing the right security technologies, targeting initiatives, appropriating funding and seeing pandemic stressors decline, a new survey found.
The public-sector cybersecurity outlook is positive, according to a new report.
The “Cybersecurity Trends in Government 2021 Report,” which BeyondTrust released Oct. 13, gives four potential reasons why government IT managers are optimistic: They’re identifying and implementing the right security technologies, targeting initiatives, appropriating funding, and seeing pandemic stressors decline. Working with ReRez Research, the company surveyed 200 senior IT and security professionals within U.S. defense, federal civilian, state and local government agencies, about their cyber concerns and activities now and in the near future.
The report looked at how respondents view security measures in three ways: basic, foundational and organizational. Today, 74% of respondents said that inventory and control of hardware assets is the most important basic cybersecurity measure, although 68% expect that importance to decrease in one to three years, and 56% said inventory and control of software assets is most important. Maintenance, monitoring and analysis of audit logs is critical to 63% -- and more than half expect it to be just as important in one to three years.
In terms of foundational cybersecurity measures, data protection (62%), data recovery capabilities (62%) and privileged access management (61%) are virtually tied for the top three, according to the report.
“Boundary defense, which encompasses traditional perimeter controls such as firewalls, was rated the least important of the 12 foundational security controls,” the report states. Other controls included secure configuration for network devices, DevSecOps, malware defense and email and web protections. “We imagine that 5 -10 years back, this would have ranked near the top,” the report states. “However, our increasingly perimeterless world characterized by work-from-anywhere, edge computing, and hybrid environments is reducing the effectiveness of boundary defenses.”
For organizational security measures, implementing security awareness training came out on top with 77% respondents citing is as the most important measure, although only 24% think it will stay that way. Application software security came in second at 65%, followed by penetration tests and Red Team exercises at 56%.
The report also states that perceived cyberthreats are changing. The biggest concerns today are remote worker or contractor vulnerabilities (65%), ransomware (61%) and phishing or social engineering (60%), none of which is surprising given how the pandemic shuttered offices and cyberattacks battered agencies in 2020.
In one to three years, though, 35% of respondents said they see fileless attacks being the biggest threat, followed by distributed denial-of-service attacks (31%). Remote worker or contractor vulnerabilities drops to No. 3, with just 29% of respondents citing it as a future concern.
Additionally, the report notes a shift in threat actors. “Insiders are far and away the top cybersecurity concern for public-sector infosec leaders today,” it states. “Ill-intentioned insiders rank as the #1 concern (67% of respondents), with mistakes by insiders resulting in security incidents (55%) the #3 highest concern. Concern for external threat actors (57%) came in at #2, just a little ahead of insider mistakes.”
Looking ahead one to three years, nation-state actors move to the No. 1 threat actor spot, with 36% of respondents citing them. Organized crime (32%) and external bad actors (21%) round out the top three, as malicious insiders fall to fourth (15%).
Federal initiatives such as the Biden administration’s executive order on cybersecurity and requests to boost the Technology Modernization Fund’s allocations are also contributing to the sunny outlook, as are more targeted initiatives. For example, 38% said they believe the importance of National Institute of Standards and Technology policy will grow in the next one to three years, and 58% said StateRAMP is important today and 40% say it will be more important later. Similar to the Federal Risk and Management Program for assessing cloud security, StateRAMP aims to provide that assessment for state and local governments.
Perhaps the most surprising finding is that 96% of the respondents said they have adequate funding for their security budgets. The report also found that 82% of respondents believe the American Rescue Plan will increase cybersecurity, with 34% saying that improvement will be significant.
And despite concerns about budget shortfalls resulting from the pandemic, 56% of respondents said they received more cybersecurity funding than in the previous year, and only 13% said their cyber budgets decreased. President Joe Biden’s fiscal 2022 budget requests $9.8 billion, up $1.2 billion from fiscal 2021, in cybersecurity funding to secure federal civilian networks and infrastructure.
Still, vigilance is always necessary. “While the findings of this report support an optimistic outlook, cybersecurity processes and technologies must adapt to what attackers are doing in the future, not just what is occurring today,” the report states. “The threat landscape evolves continuously, and attackers are always seeking new weaknesses.”
NEXT STORY: Scaling up secure, single sign-on