Budgets + Talent Shortfalls = Poor Cybersecurity

Although there’s a glut of bean counters more concerned about how much traffic a website attracts, a research report from Cisco finds only 30% of public-sector security professionals said their organizations use penetration testing and endpoint or network forensics tools. Cisco reports that such tools are considered key pillars of a defense-in-depth security strategy, making their lack of adoption worrisome.


Agencies that do not have enough cybersecurity staff may also not investigate threats as thoroughly as they need to. According to the report, nearly 40% of public-sector organizations say that of the thousands of alerts they see daily, only 65% are investigated. Of great concern, 32% of those investigated threats are identified as legitimate, but only 47% of those legitimate threats are eventually remediated, Cisco said.

Fierce AI Week

Register today for Fierce AI Week - a free virtual event | August 10-12

Advances in AI and Machine Learning are adding an unprecedented level of intelligence to everything through capabilities such as speech processing and image & facial recognition. An essential event for design engineers and AI professionals, Engineering AI sessions during Fierce AI Week explore some of the most innovative real-world applications today, the technological advances that are accelerating adoption of AI and Machine Learning, and what the future holds for this game-changing technology.


To truly examine a large number of daily cybersecurity alerts, a public-sector agency might need dozens of security staffers, yet they rarely have enough staff. The report said that 35% of public-sector organizations have fewer than 30 employees dedicated to security. Additionally, 27% believe a lack of trained personnel is a major obstacle to adopting advanced security processes and technology, the report said.


The report also found that the cloud is a whole new frontier for hackers, and they are increasingly exploring its potential as an attack vector as often cloud systems are "mission-critical" for organizations. Hackers also recognize that they can infiltrate connected systems faster by breaching cloud systems.


According to Cisco, some of the largest breaches to date began with the compromise and misuse of a single privileged user account. The average enterprise today has more than 1,000 unique apps in its environment and more than 20,000 different installations of those apps. Cisco said its threat researchers examined 4,410 privileged user accounts at 495 organizations and found that six in every 100 end users per cloud platform have privileged user accounts, with many organizations having an average of two privileged users that carry out most of the administrative tasks.


If your curiosity is piqued, you can read the full Cisco report.


Suggested Articles

HP leads the pack, but Apple sees 36% surge in notebooks, desktops compared to a year ago

New York City residents moving upstate will give hundreds of towns extra tax revenue to invest in new streetlights with IoT sensors, NYPA foresees

With about one-fifth the revenues of Intel, Nvidia’s market capitalization exceeds Intel’s as Nvidia stock hits record high