While Federal cybersecurity leaders have prioritized detection, remediation, and zero trust policies due to the recent flood of cyberattacks, new research – “Containing the Cyber Threat Tsunami” – uncovers the desire to shift the current security mindset to a greater emphasis on breach prevention.
The research study, underwritten by Dell Technologies and INTEGRITY Global Security, surveyed more than 300 cybersecurity leaders across Federal, state, and local government. The top-line findings show a grimly realistic outlook – 70 percent estimate their high-value assets (HVAs) have been potentially compromised in the past 12 months, and half believe there will be a “cyber 9/11” event in the next 10 years in which lives will be lost due to a cyberattack.
The developing consensus toward breach prevention, however, may show indicate some light at end of the tunnel in strategic security thinking.
One key finding of the survey: ninety-one percent of cyber leaders say they want to see their organization shift from an “assume breach” mindset to a breach prevention focus in the next three years. The research further explores if cyber leaders think we can achieve “zero vulnerability” – and the good news is most believe that is achievable.
To start making more progress toward that goal, government cyber leaders say they need centralized access to cybersecurity data and analytics (91 percent); improved vulnerability management (90 percent); hardened endpoint devices (89 percent); and fundamental culture change (89 percent).
The challenge is that while all say they are taking steps to improve cyber risk management, few are reporting progress on foundational cyber hygiene steps – hindering the push toward zero vulnerability.
“Cyber leaders are underwater, but it is possible that we can move toward a reality where breaches are not a given,” said Jimmy Sorrells, president, INTEGRITY Global Security (IGS).
“The industry needs to know that there are zero vulnerability platforms available, and those platforms are the key to helping our public servants better protect critical systems and citizens,” added Sorrells. “It is going to take a stronger commitment to cyber hygiene, platform security, and breach prevention to make real progress. We cannot continue to do the same things and expect different results.”
Read the full study, including a break out of Federal, state, and local cyber funding priorities and feedback on the opportunity to strengthen breach prevention.