When comparing the cybersecurity performance of U.S. federal, state and local government agencies to 17 major private industries, the public entities held strong in last place.
According to the “2016 U.S. Government Cybersecurity Research Report” released by SecurityScorecard on Thursday (April 14), the relative security health of government agencies isn’t looking too good. The study analyzed how government and industries performed across 10 security-related categories, such as malware vulnerability, social engineering susceptibility and even insider threat risk.
The New York Times reported that the top performing industries include information services, construction, food and technology, while the report found the education, telecommunications and pharmaceutical industries to be ranked among the lowest.
Between April 2015 and April 2016, SecurityScorecard confirmed it tracked 35 high-level data breaches across the U.S. government.
SecurityScorecard found that federal agencies continued to score poorly on security categories like identifying flaws, malware, network security and software patching, despite the White House’s ongoing efforts to strengthen the country’s cyberdefense mechanisms and solutions.
Months ago, the Obama administration released its Cybersecurity National Action Plan (CNAP), with the $19 billion being requested for the initiatives — which would take effect in 2017 — marking a 35 percent increase over the current fiscal year.
“The president believes that meeting these new threats is necessary and within our grasp,” reads the statement from the White House. “But it requires a bold reassessment of the way we approach security in the digital age. If we’re going to be connected, we need to be protected. We need to join together — government, businesses and individuals — to sustain the spirit that has always made America great.”
Based on SecurityScorecard’s analysis, NASA performed the worst out of all 600 government entities tracked for the study, with noted vulnerabilities to email spoofing and malware intrusions listed among the other weaknesses discovered.