Skip to main content
close search
site logo
Dive Brief

US government cybersecurity continues to struggle, falling behind private sector

Published Aug. 30, 2017
Samantha Schwartz's headshot
Samantha Schwartz Reporter
Flickr; Tim Sackton

Dive Brief:

  • Across 18 industries, the U.S. government ranked 16th in overall cybersecurity, ahead of only the telecommunications and education sectors, according to new SecurityScorecard report
  • SecurityScorecard, a security rating platform, studied the cybersecurity of 500 local, state and federal government agencies along with 17 other industries for its annual report. Of the 10 security risks analyzed, the government came in 17th for endpoint security, a company's network of employee devices, and 16th place for patching applications. 
  • The research firm analyzed IP reputation for the detection of malicious actors where the government came in 16th place, meaning its data and networks are more susceptible to hacking. Such vulnerable networks can invite malware attacks and data breaches, as showcased in the 2016 presidential election

Dive Insight:

In 2016, the Obama administration reserved $19 billion for cybersecurity for 2017, earmarking cybersecurity as a top priority for federal IT, but issues still remain. 

Of the government's $80 billion IT budget, 75% goes towards maintenance leaving little room for modernization efforts, which is reflective in their patchwork ranking. Much of the technological infrastructure in the government dates back decades, leaving vulnerabilities in networks that $19 billion in cybersecurity cannot cover alone. 

Government security has seen a slight improvement since last year. In SecurityScorecard's 2016 report, the government came in last place when analyzed against 17 industries for overall cybersecurity. During last year's data collection period, there were 35 breaches within 600 of the examined government agencies. 

The federal government in particular has had some glaring cases of cybersecurity shortcomings. After the July 2015 data breach in the Office of Personnel Management (OPM) that impacted 21.5 million people, the Government Accountability Office gave OPM a list of security requests to update. While they have completed 11 of the 19 requests, the agency still has some gaps.

OPM named its current CIO David De Vries last year. However, it was announced this month that he plans to leave the government altogether. De Vries is the third CIO for OPM since February 2016 after Donna Seymour left the position following the breach, according to FedScoop

This has become an overarching trend in federal IT as many CIO positions are still occupied by acting or deputy candidates. Without consistency in leadership roles, tech and security protocols may suffer as a result.

Recommended Reading

Filed Under: Security

Editors' picks

Company Announcements

View all | Post a press release
Newgen Software reports Revenues from operations at Rs 361 cr in Q2 FY’25, up 23% YoY
From Newgen Software
October 16, 2024
Celonis Business Collaboration Networks Drive Process Improvement Across Company Boundaries
From Celonis
October 23, 2024
Celonis AgentC: Making AI Agents Work for the Enterprise with Process Intelligence
From Celonis
October 23, 2024
DigiCert Welcomes Lakshmi Hanspal as New Chief Trust Officer
From DigiCert
October 24, 2024
Editors' picks
Latest in Security
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell