88% of government agencies say misconfiguration of cloud services is a top security threat; pre-pandemic, only 25% considered it critical

Netwrix, a cybersecurity vendor that makes data security easy, today announced government market findings from its 2020 Cyber Threats Report. Netwrix conducted this online survey in June 2020 to understand how the pandemic and ensuing work-from-home initiatives changed the IT risk landscape.

With the pandemic, the public sector has become extremely worried about cyberattacks. Nearly all respondents (98%) are now concerned about supply chain compromise, 95% named VPN exploitation as a top threat and 82% cited credential stuffing.

Another drastic shift is related to the misconfiguration of cloud services: 88% of government agencies now say that cloud misconfiguration is a top security threat, while pre-pandemic, only 25% said it was critical. However, only 11% of incidents reported during the first three months of the pandemic were actually caused by this scenario.

In reality, most incidents during this time period involved the human factor: 53% of respondents said they experienced at least one phishing attack, and 18% reported insecure sharing of sensitive data. What’s particularly troubling is that improper data sharing was especially hard for government agencies to spot: nearly all organizations needed days (42%), weeks (32%) or even months (21%) to detect it.

Other findings discovered by the survey include:

• 29% of government agencies feel that they are at greater security risk now than they were before the pandemic. 86% of them are worried about stronger or more frequent cyberattacks, which is the highest percentage among all the verticals studied in the report.
• Concern about VPN exploitation grew from 10% pre-pandemic to 95% now.
• 26% of government agencies reported experiencing ransomware or other malware.
• 6% experienced data theft by employees. None was able to spot it in minutes and only 5% were able to flag the incident in hours. The rest (95%) required days, weeks or months.

Government agencies should focus their cybersecurity efforts on mitigating the insider threat, especially when many employees and contractors are accessing the networks remotely. Organizations must ensure that every user understands basic cybersecurity rules and completes security training on a regular schedule. IT teams should look for solutions to speed threat detection and streamline incident investigation. In addition, they should follow proven security best practices like network segmentation, privilege attestation, continuous auditing for malicious activity across data repositories, and alerting on suspicious activity and changes.
Ilia Sotnikov, VP of Product Management at Netwrix

To get the complete findings of the Netwrix 2020 Cyber Threats Report, please visit: www.netwrix.com/2020_cyber_threats_report.html