Government best equipped to handle cyberattacks?

Government agencies top list of sectors globally committed to security testing, says Synack research

Posted 14 October 2020 by

Government has topped the list of sectors most able to withstand a cyberattack in 2020.

The news may be somewhat surprising given the surge in cyberattacks on local authorities this year, including yesterday’s attack on Hackney Council. But those are the findings from the latest Synack Trust Report, which analyses cybersecurity preparedness across all sectors and industries, globally.

Government agencies globally earned the number one spot in part due to reducing the time it takes to remediate exploitable vulnerabilities by 73 percent. The report noted: “The chaos of 2020 added new hardship to many government bodies, but security hasn’t necessarily suffered as many agencies have become more innovative and agile. Their ability to quickly remediate vulnerabilities drove this year’s top ranking.”

Synack notes that government agencies still maintained thorough and continuous security testing in 2020, despite the challenges the sector faced.

In the US, the new Cybersecurity and Infrastructure Security Agency issued Binding Operational Directive 19-02, which is a compulsory direction to federal agencies requiring them to remediate critical vulnerabilities within 30 days. This caused agencies to move swiftly to address critical flaws. Overall, agencies reduced the time to fix flaws by 73 percent, driving up the overall score for government to earn ‘most trusted’ status.

Citizens’ trust in government

Adrian Crawley, VP sales EMEA at Synack told TDP that if security isn’t a priority, trust between government and citizens can quickly disappear.  

“With technology filtering into every aspect of our personal and professional lives, it’s essential that we have faith in the organisations that we digitally interact with. This is especially the case with governments. Citizens need to have trust in the process in which governments collate, store and secure our personal data,” he said.

“Given the valuable citizen information they are custodians of and the risk to trust through misinformation campaigns, cybersecurity must be a priority to government and public sector bodies.”

The report uses data from Synack’s Attacker Resistance Score (ARS) Metric, which drew information from tests conducted on the firm’s Crowdsourced Security Platform from 2019 through July 2020 — through the COVID-19 response period.

The research also found that the rush to deploy apps to help with the COVID-19 recovery led to serious cybersecurity challenges for Healthcare and Life Sciences. Despite those issues, the sector had the third highest average score as research and manufacturing organisations stayed vigilant and continuously tested digital assets.