Cyber company Ivanti today released its State of Government Cyber Security Report, which surveyed 800 public sector workers around the world. Their report found that a “not my job” attitude within the public sector has been pervasive, younger generations may be more lax with cybersecurity protections, and a weak cybersecurity culture both within government and its employees. may be causing problems.
The dismissal of employees is widespread in the public sector.
The research found that government employees have increasing attitudes that cybersecurity is “not their job.” 34% of government employees report that they do not believe their actions have an impact on the security of their organization. 36% of respondents shared that they did not report phishing emails received at work, and an alarming 21% showed a lack of concern about whether or not their company is being hacked.
A generational gap in attention to cybersecurity.
The researchers shared that the younger generations, Gen Z and Millennials, were actually twice as likely to reuse passwords across devices than their Gen X and Baby Boomer counterparts. The increasingly hybrid nature of the government workforce (70% of workers report remote work, at least occasionally) makes this statistic a bit more alarming, notes Infosecurity Magazine.
Lack of cybersecurity culture both in the government and in its employees.
The researchers also found that globally, 29% of companies do not require partners or vendors to complete cyber training. Only 27% of government employees feel prepared to report cyber threats, and 17% report that they don’t feel safe sharing security mistakes they’ve made with their cyber team.
“We are in a state of urgency when it comes to securing critical infrastructure, along with public sector employees and the extremely sensitive data they have access to,” said Srinivas Mukkamala, Ivanti’s chief product officer. “Government leaders around the world have recognized this urgency and are taking action to combat ransomware, disinformation, and protect their critical assets and infrastructure. If we don’t focus on cybersecurity as a team effort and provide proactive security measures that enable a better employee experience, security teams and governments will continue to face an uphill battle.”
(Added, 11:30 pm ET, March 9, 2023. Roger Grimes, data-driven defense evangelist at KnowBe4, commented that the threat of ransomware to the government and other organizations in particular is unlikely to abate. “Ransomware targeting both Linux and Windows is not new,” he said, “but this is an ongoing expansion with both platforms being easily attacked. Don’t expect this trend to reverse anytime soon. The future of malware and hacking they are AI-driven bots that change their tactics on the fly based on what they find.Expect most malware to behave like a smart and skilled hacker in the near future, downloading additional components and expertise as it needs them , depending on what you need. “)
