How State Governments Struggle With Cyber-threats

Dennis McCafferty Avatar

Updated on:

How State Governments Struggle With Cyber-threats

How State Governments Struggle With Cyber-threatsHow State Governments Struggle With Cyber-threats

State governments often have trouble hiring staffers with well-rounded cyber-security skills, leading to outsourcing many cyber-security functions.

Leading SuspectsLeading Suspects

47% of survey respondents describe phishing, pharming and other related incidents as “very high” threats, and 42% said the same about social engineering. Nearly three of 10 describe ransomware as a very high threat.

Authorized ApproachAuthorized Approach

67% said they have a “documented and approved” cyber-security strategy, up from 55% who said this in 2014.

Slight BumpSlight Bump

Just 31% said their state cyber-security budget has increased more than 6% this year, but that’s up from 21% who said this in 2014.

Top Focuses of Cyber-security BudgetsTop Focuses of Cyber-security Budgets

Incident response: 83%, Logical access control: 79%, Compliance and risk management: 69%, Cyber-security research and development: 57%, Audit or certification costs: 48%

Hiring SpreeHiring Spree

73% of survey respondents said they employ the equivalent of no less than six full-time workers as part of their enterprise cyber-security team, and 22% said they’re employing the equivalent of at least 16 full-time staffers.

Compensation SituationCompensation Situation

96% said their state’s salary rates and pay grade structures negatively impact their ability to develop, support and maintain their cyber-security workforce.

Learning CurveLearning Curve

56% said their staff has gaps in cyber-security competencies.

Most Common Outsourced Cyber-security FunctionsMost Common Outsourced Cyber-security Functions

Cyber threat risk assessments: 54%, Forensics/legal support: 44%, Cyber threat management and monitoring services: 35%, Vulnerability management: 27%, Audit log analysis and reports: 23%

Hot TopicHot Topic

45% of survey respondents said the subject of cyber-security is presented or discussed at agency/office executive leadership meetings every month, up from 30% who indicated this was happening in 2014.

Defense PlanDefense Plan

30% said training and awareness will be a top cyber-security initiative for 2016, while 37% cited the implementation of monitoring/security operations centers (SOCs).

Biggest Barriers in Addressing Cyber-security ChallengesBiggest Barriers in Addressing Cyber-security Challenges

Lack of sufficient funding: 80%, Lack of cyber-security professionals: 51%, Lack of documented processes: 45%, Increasing sophistication of threats: 45%, Absence of visibility and influence within the enterprise: 33%

Dennis McCafferty Avatar