Survey: Foreign States Considered Bigger IT Security Threat Than Ever

A new survey of public sector IT professionals conducted in January by independent research firm Market Connections found that careless or untrained insiders remains the top-ranked threat to higher education institutions’ network security, while the threat of malicious attacks by foreign governments is considered a bigger threat than in years past, according to the survey results.

The eighth edition of the Public Sector Cybersecurity Survey Report released today details the results of the survey, conducted on behalf of IT security provider SolarWinds; the survey polled 400 IT operations and security decision-makers, including 100 education practitioners, according to a news release.

“The threat foreign governments pose to the security of government IT systems has steadily increased throughout the years,'' said SolarWinds’ Brandon Shopp. “However, it is reassuring to see this year’s data showing public sector organizations continue to recognize top security threats, adopt zero trust strategies, and seek vendor attestations and SBOMs to better secure the software supply chain — all of which are crucial to maintaining a high standard of security across federal and state government, as well as in the education and defense sectors.”

Key Findings: Current Security Threats 

  • Careless/untrained insiders were ranked as the top threat by 58% of respondents; close behind were foreign governments (56%) and the general hacking community (52%). In 2021 — the last year this survey was conducted — the general hacking community ranked first.

  • 13% of higher education respondents said their organization has been impacted by ransomware in the last 12 months.

  • Education respondents were the least concerned about the threat of a ransomware attack when compared to other public sector respondents, with 26% of education respondents ranking ransomware as a top concern while 32% of federal government respondents ranked ransomware as a top threat and 42% of state and local government respondents saying the same.

  • Education respondents were significantly more likely to rank worm (23%) and mobile trojans (21%) as a threat than state and local and federal government respondents.

  • 65% of higher education respondents reported that their organizations were impacted by spam in the past 12 months.

Key Findings: IT Complexity

  • IT complexity (27%) surpassed budget constraints as the “most significant obstacle” in hardening their cybersecurity posture as identified by respondents.

  • 66% of respondents said their IT environment is “extremely/very complex to manage,” and only 5% of respondents reported that they feel “extremely confident” in their ability to manage their environments.

  • 58% of higher education respondents said they are “moderately confident” in their organization’s ability to manage its IT environment; 33% said they are “very confident.”

  • The education sector showed the largest increase in IT complexity, with 33% of education respondents reporting increasingly complex IT environments — about three times more than education respondents in the 2021 survey.

  • Education respondents were the least likely to be confident in their ability to manage their IT environment at 42%.

  • 52% of education respondents said they “lack visibility across their IT environments” and 53% of education respondents said they lack visibility across teams.

Key Findings: Zero Trust

  • 92% of education respondents said it’s “very or somewhat important” to implement a zero-trust approach, an increase of 10% over 2021 and the highest among all public sector groups.

  • 33% of higher education respondents shared that their organization is following the DoD zero trust strategy and roadmap — which was the leading response for higher education respondents, SolarWinds’ report said.

“This year’s data highlights the increasing need for continued partnership between the public and private sectors,” said SolarWinds CISO and Vice President Tim Brown. “If we continue to work together to assess top threats, secure IT environments, arm IT teams with the appropriate defenses, and implement formal strategies like zero trust, public sector organizations will be better positioned to continue mission-critical activities without interruption.”

Learn more at SolarWinds.com or download the full survey results.

About the Author

Kristal Kuykendall is editor, 1105 Media Education Group. She can be reached at [email protected].


Featured

  • interconnected cloud icons with glowing lines on a gradient blue backdrop

    Report: Cloud Certifications Bring Biggest Salary Payoff

    It pays to be conversant in cloud, according to a new study from Skillsoft The company's annual IT skills and salary survey report found that the top three certifications resulting in the highest payoffs salarywise are for skills in the cloud, specifically related to Amazon Web Services (AWS), Google Cloud, and Nutanix.

  • a hobbyist in casual clothes holds a hammer and a toolbox, building a DIY structure that symbolizes an AI model

    Ditch the DIY Approach to AI on Campus

    Institutions that do not adopt AI will quickly fall behind. The question is, how can colleges and universities do this systematically, securely, cost-effectively, and efficiently?

  • minimalist geometric grid pattern of blue, gray, and white squares and rectangles

    Windows Server 2025 Release Offers Cloud, Security, and AI Capabilities

    Microsoft has announced the general availability of Windows Server 2025. The release will enable organizations to deploy applications on-premises, in hybrid setups, or fully in the cloud, the company said.

  • digital brain made of blue circuitry on the left and a shield with a glowing lock on the right, set against a dark background with fading binary code

    AI Dominates Key Technologies and Practices in Cybersecurity and Privacy

    AI governance, AI-enabled workforce expansion, and AI-supported cybersecurity training are three of the six key technologies and practices anticipated to have a significant impact on the future of cybersecurity and privacy in higher education, according to the latest Cybersecurity and Privacy edition of the Educause Horizon Report.