WASHINGTON — Hacking is the largest source of security threats to the public sector, surpassing insiders for the first time in five years, according to a new survey released today.

In a report released by SolarWinds — an IT management and software company who contracted Market Connections to conduct the survey — 56% of respondents said the general hacking community was one of the largest source of security threats at public sector organizations, followed by careless or untrained insiders at 52% and foreign governments at 47%.

400 IT decision makers responded to the online survey conducted in Oct. 2021 — 200 from the federal level, 100 from the state and local level, and 100 more from the education level. A majority of the respondents worked at civilian federal agencies, with the next highest cadre coming from the Department of Defense. Nearly half of the participants were IT staff, with IT director/manager the second largest portion of respondents and security staff making up a distant third. Others included chief information and technology officers, chief security and information security officers.

According to the report, participants from state and local governments were significantly more likely to be concerned about the threat from the general hacking community than those working for federal civilian agencies, who were more likely to indicate careless insiders as a top threat.

DoD employees, however, were more likely to list foreign governments as the top threat.

“Public sector organizations are increasingly concerned about the threats from foreign governments,” said Tim Brown, CISO and Vice President of Security at SolarWinds. “In looking at the survey data, it’s encouraging that a majority of the public sector is actively seeking to follow the roadmap outlined in the [Biden] Administration’s Cybersecurity Executive Order, including enhanced data sharing between public and private sectors.”

Public sector respondents’ concern over ransomware, malware and phishing increased the most over the last year.

A plurality of respondents, 30%, listed budget constraints as the biggest obstacles to maintaining or improving IT security. Insufficient training of IT staff, shortage of funding and resources and the expanded security perimeter created by remote or hybrid work were the top three impediments listed to detection and remediation of security issues.

Mark Pomerleau is a reporter for C4ISRNET, covering information warfare and cyberspace.

More In IT and Networks
Why isn’t Russia doing more to jam GPS in Ukraine?
The importance of GPS as a military tool was underscored by Kremlin media in November 2021 as troops were massing along the Ukraine border. After Russia demonstrated it could destroy a satellite in space, a television commentator known to be an unofficial mouthpiece of President Putin said the nation could “blind NATO” by shooting down all GPS satellites.
Mission Possible: Securing remote access for classified networks
The Federal government understands the significance of remote access on meeting mission objectives now and in the future. Agency leaders are looking to the private sector for technology that helps them maintain the highest security levels while meeting the ease-of-access demands of today’s worker – and can be implemented quickly.