Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Monday, 15 August, 2022
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2021
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2021
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Security pros want federal government to improve private sector security posture

Tripwire report shows 95% request additional action to ensure the security of data and systems of non-governmental organizations

by The Gurus
November 10, 2021
in Editor's News, Featured
AT&T Cybersecurity grows SASE offering by adding Palo Alto Networks
Share on FacebookShare on Twitter

New research by Tripwire has revealed security professionals working in the federal sector want the government to play a bigger role in securing non-governmental companies.

The research report evaluated actions taken by the federal government to improve cybersecurity in 2021 and was conducted for Tripwire by Dimensional Research. It evaluated the opinions of 306 security professionals, including 103 currently working for a United States federal government agency, with direct responsibility for the security within their organisation.

According to the research, security professionals responsible for critical infrastructure believe that National Institute of Standards and Technology (NIST) standards should not only be improved and strengthened but enforced outside the federal government. This is likely because only 49% of non-governmental organisations surveyed (critical infrastructure and others) have fully adopted NIST standards, yet still identify ransomware as a primary security concern.

Federal security professionals are aligned with this thinking and also believe the government should be doing more to protect its own data and systems (99%). In fact, 24% think they are falling behind when it comes to preparedness to face new threats and breaches, citing lack of both leadership prioritisation and internal expertise and resources as primary reasons.

“It’s clear that organisations – both public and private sector – are seeking further guidance from the federal government,” said Tim Erlin, vice president of strategy at Tripwire. “Generally, long-term enforcement and implementation of cybersecurity policy will take time, but it’s important that agencies lay out a plan and measure execution against that plan to protect our critical infrastructure and beyond.”

When it comes to implementing Zero Trust Architecture, both federal and non-governmental organisations agree this strategy could materially improve cybersecurity outcomes, but only 22% say improvement is highly likely. They also agreed that integrity monitoring is foundational to a successful Zero Trust strategy (50%), or at least somewhat important (43%), but only 22% considered measuring integrity and security posture to be a core tenet of Zero Trust Architecture. Secure communication (44%), limiting individual access (39%), and identifying data sources and computing services as resources (36%) were most commonly identified.

Additionally, the survey examined where organisations track on the path to Zero Trust:

  • 25% of those surveyed from the federal government described their Zero Trust implementation as mature, while only 2% of critical infrastructure organisations identified this way
  • The majority of security pros – both public and private sector – described their progress toward Zero Trust adoption as needing some work, or in progress
  • Security professionals look to federal government guidelines as the top source for obtaining Zero Trust strategies and best practices, followed by information from security solutions vendors, consultants, and analysts.

“It’s promising to see progress toward Zero Trust implementation, but lack of focus on integrity is where we fall short,” said Erlin. “Maintaining and understanding the integrity of an organisation’s people, processes and technology is the foundation of strong Zero Trust architecture and should be prioritised as such. Simply put, you can’t have Zero Trust without integrity.”

While hardening systems against ransomware may be a driving force for implementation now, 83% of security pros expect that something worse than ransomware may be coming. Fortunately, both federal and non-governmental organisations have responded to this year’s attacks on critical infrastructure with preventative action – 98% of agencies report progress on executive orders on cybersecurity (half say significant progress), and over 50% of non-government groups have taken specific steps to improve cybersecurity efforts.

FacebookTweetLinkedIn
Tags: cybersecurityFederalThreat
ShareTweetShare
Previous Post

Most Inspiring Women in Cyber 2021: Lisa Ventura, Founder of Cyber Security Unity

Next Post

Armis sees demand for OT/ICS cybersecurity rise 400% year on year

Recent News

Doctor holding phone

Recovery From NHS Attack Could Take Weeks

August 12, 2022
Industry All-Stars Take Stage at International Cyber Expo’s Global Cyber Summit

Industry All-Stars Take Stage at International Cyber Expo’s Global Cyber Summit

August 12, 2022
Laptop, phone, hands

Campaign Launched to Stop People From Becoming Money Mules

August 11, 2022
MIRACL is One Cybersecurity Company to Watch in 2022

MIRACL is One Cybersecurity Company to Watch in 2022

August 10, 2022

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2021
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information