By Nathalie Voit

IT management and software solutions company SolarWinds found hacking is the top cybersecurity concern for the public sector, overshadowing internal threats for the first time in five years.

Fifty-six percent of respondents identified the general hacking community as the largest source of security threats at public sector organizations, followed by careless or untrained insiders (52%) and foreign governments (47%), SolarWinds said in its seventh Public Sector Cybersecurity Survey Report.

State and local government workers were significantly more likely than federal civilian agency employees to name hacking as the top threat to their organization. The latter were more concerned about the threat of careless insiders.

On the other hand, the defense community was more likely to list foreign governments as the greatest threat to the public sector, the report said.

“Public sector organizations are increasingly concerned about the threats from foreign governments,” said CISO and Vice President of Security at SolarWinds Tim Brown. “In looking at the survey data, it’s encouraging that a majority of the public sector is actively seeking to follow the roadmap outlined in the [Biden] Administration’s Cybersecurity Executive Order, including enhanced data sharing between public and private sectors.”

Concern over ransomware (66%) among federal respondents increased the most over the past year, followed closely by concern over malware (65%) and phishing (63%), the report said.

Government IT workers named lack of training (40%) and low budgets and resources (37%) as the top two factors hindering public sector security, followed by the expanded security perimeter due to the rise of remote or hybrid work (32%). Participants also spotlighted insufficient data collection and monitoring as a major obstacle to threat detection.

According to the survey, state government respondents were more likely than local government respondents to pinpoint budget constraints as a key impediment to detecting and resolving security shortfalls.

“These results demonstrate that while IT security threats have increased—primarily from the general hacking community and foreign governments—the ability to detect and remediate such threats has not increased at the same rate, leaving public sector organizations vulnerable,” said Brandon Shopp, vice president of product strategy for security, compliance, and tools at SolarWinds.

“But the data also shows an increased awareness and adoption of zero trust, as well as a commitment to invest in IT solutions and adopt cybersecurity best practices outlined in the Administration’s Cybersecurity Executive Order. It’s through these steps that public sector organizations can enhance their cybersecurity posture and fight the rising tide of external threats,” he added.