Survey: Foreign States Considered Bigger IT Security Threat Than Ever

A new survey of public sector IT professionals conducted in January by independent research firm Market Connections found that careless or untrained insiders remains the top-ranked threat to higher education institutions’ network security, while the threat of malicious attacks by foreign governments is considered a bigger threat than in years past, according to the survey results.

The eighth edition of the Public Sector Cybersecurity Survey Report released today details the results of the survey, conducted on behalf of IT security provider SolarWinds; the survey polled 400 IT operations and security decision-makers, including 100 education practitioners, according to a news release.

“The threat foreign governments pose to the security of government IT systems has steadily increased throughout the years,'' said SolarWinds’ Brandon Shopp. “However, it is reassuring to see this year’s data showing public sector organizations continue to recognize top security threats, adopt zero trust strategies, and seek vendor attestations and SBOMs to better secure the software supply chain — all of which are crucial to maintaining a high standard of security across federal and state government, as well as in the education and defense sectors.”

Key Findings: Current Security Threats 

  • Careless/untrained insiders were ranked as the top threat by 58% of respondents; close behind were foreign governments (56%) and the general hacking community (52%). In 2021 — the last year this survey was conducted — the general hacking community ranked first.

  • 13% of higher education respondents said their organization has been impacted by ransomware in the last 12 months.

  • Education respondents were the least concerned about the threat of a ransomware attack when compared to other public sector respondents, with 26% of education respondents ranking ransomware as a top concern while 32% of federal government respondents ranked ransomware as a top threat and 42% of state and local government respondents saying the same.

  • Education respondents were significantly more likely to rank worm (23%) and mobile trojans (21%) as a threat than state and local and federal government respondents.

  • 65% of higher education respondents reported that their organizations were impacted by spam in the past 12 months.

Key Findings: IT Complexity

  • IT complexity (27%) surpassed budget constraints as the “most significant obstacle” in hardening their cybersecurity posture as identified by respondents.

  • 66% of respondents said their IT environment is “extremely/very complex to manage,” and only 5% of respondents reported that they feel “extremely confident” in their ability to manage their environments.

  • 58% of higher education respondents said they are “moderately confident” in their organization’s ability to manage its IT environment; 33% said they are “very confident.”

  • The education sector showed the largest increase in IT complexity, with 33% of education respondents reporting increasingly complex IT environments — about three times more than education respondents in the 2021 survey.

  • Education respondents were the least likely to be confident in their ability to manage their IT environment at 42%.

  • 52% of education respondents said they “lack visibility across their IT environments” and 53% of education respondents said they lack visibility across teams.

Key Findings: Zero Trust

  • 92% of education respondents said it’s “very or somewhat important” to implement a zero-trust approach, an increase of 10% over 2021 and the highest among all public sector groups.

  • 33% of higher education respondents shared that their organization is following the DoD zero trust strategy and roadmap — which was the leading response for higher education respondents, SolarWinds’ report said.

“This year’s data highlights the increasing need for continued partnership between the public and private sectors,” said SolarWinds CISO and Vice President Tim Brown. “If we continue to work together to assess top threats, secure IT environments, arm IT teams with the appropriate defenses, and implement formal strategies like zero trust, public sector organizations will be better positioned to continue mission-critical activities without interruption.”

Learn more at SolarWinds.com or download the full survey results.

About the Author

Kristal Kuykendall is editor, 1105 Media Education Group. She can be reached at [email protected].


Featured

  • abstract smartphone translucent screen displaying AI interface

    Apple Introduces Redesigned Siri AI

    At its recent Worldwide Developers Conference, Apple introduced Siri AI, a redesigned version of its voice assistant that Apple describes in its own announcement as "a profoundly more capable and personal assistant." The update is intended to make Siri more conversational, more context-aware, and more useful across iPhone, iPad, Mac, Apple Watch, and Vision Pro.

  • silhouette of business person facing wall of data

    Why AI Strategy Belongs in the President's Office

    Institutions that are succeeding with AI share one thing in common, and it is not a better committee, a larger budget, or a more sophisticated technology stack. It is a president who never handed off the steering wheel.

  • Blue digital wireframe classical building structure

    Before AI, Fix Your Data

    Institutions don't have to solve every data problem before they can begin using AI responsibly. But they do need to treat information as a strategic asset — not a byproduct of operations — and start building toward AI-ready data now.

  • Jason Palm

    AI, Identity, and Speed: Cybersecurity Priorities for Higher Ed

    Fortinet Security Operations Specialist Jason Palm explains how AI is raising new security challenges for higher education, requiring stronger governance, identity protection, threat detection, automation, and incident readiness.