Government cybersecurity readiness declining, according to survey
The government sector is unprepared in aggregating risk intelligence and performing risk assessments, according to the 2017 Global Cybersecurity Assurance Report Card compiled by Tenable Network Security and research partner CyberEdge Group. Surveying 700 security practitioners across seven industry verticals and nine countries, Tenable measured the abilities of IT professionals to assess cybersecurity risks and mitigate threats. The government “industry” (which provided 37, or 5.3 percent, of responses) dropped three points from its assessment in 2016, scoring a 63 percent (D) and ranking at the bottom – below education – thanks to a 59 percent ranking in risk assessment and a 67 percent score in security assurance. Risk assessment grades the ability to assess cybersecurity risks across 11 enterprise IT infrastructure components, while security assurance looks at the ability to mitigate threats by investing in security infrastructure fueled by executive and board-level commitment.