Public sector organisations vulnerable to cyber attacks
Nearly half of security professionals at public sector organisations across seven markets including Australia say attackers will breach their network every time they try, new research from CyberArk indicates.
A survey of security professionals in Australia, the UK, the US, France, Germany, Israel and Singapore found that 47% of public sector respondents have experienced at least one cyber attack that impacted operations during the past three years.
More than two-thirds (68%) of respondents from the sector admit that their organisation is susceptible to a carefully targeted attack.
The greatest public sector security risks are considered to be ransomware or malware (60%), phishing or other external attacks (57%), cloud security risks (42%), excess administrative privileges (41%), insider threats (41%), shadow IT practices (38%) and unmanaged privileged access (37%).
But while 81% of respondents agree that IT infrastructure and critical data are not fully protected unless privileged accounts, credentials and secrets are secured, only 45% have a privileged access security strategy in place for protecting business-critical applications, and only 41% have such a strategy for cloud infrastructure.
The report did find that public sector organisations are increasingly aware of cyber risks, with 78% of respondents stating that their organisation has prioritised cybersecurity as an important investment for the business.
But despite this, the public sector was the least prepared for complying with data breach notification regulations of all sectors covered in the report. For example, only 36% reported being prepared to issue a data breach notification within the 72-hour window mandated by the EU’s General Data Protection Regulation (GDPR).
In addition, 36% of public sector organisations would be willing to pay fines for non-compliance with major regulations but would not change security policies even after experiencing a successful cyber attack.
Please follow us and share on Twitter and Facebook. You can also subscribe for FREE to our weekly newsletter and quarterly magazine.
The global challenge of achieving cyber resilience
There are many challenges to achieving cyber resilience, but topping the list for many...
Security maturity is hard and the pace of change is hurting
NSW agencies recently slipped in their security maturity. The whole of the public sector in...
Protecting Australian communities with intelligent automation
As Australia’s population continues to grow, smart monitoring and surveillance systems can...
