Report unveils misplaced confidence in cybersecurity among public sector entities.
Check Point Software Technologies, in partnership with the Public Sector Executive (PSE), has released a comprehensive report examining cybersecurity attitudes within public sector organisations.
Titled Cyber Security: the heart and soul of trust between citizens and public sector organisations, the report reveals a significant gap between the confidence in existing cybersecurity measures and the actual risks faced.
Key findings from the survey of government, education, healthcare and justice sectors include:
- Confidence over reality: Nearly half (47%) of respondents express confidence in their systems’ ability to detect breaches, with 64% believing in their system’s capacity to identify data theft. However, this confidence contrasts sharply with the reality of frequent cyberattacks targeting these very sectors.
- Underestimation of threats: Phishing and malware are seen as primary risks, but there is a notable lack of awareness regarding the sophistication of web application attacks and the potential for human error within organisations.
- Budget constraints: Over half of the respondents (57%) cite budget limitations as a key obstacle in enhancing cybersecurity measures.
These findings do not necessarily reflect reality for the public sector. According to Check Point’s mid-year report, the three most targeted industries in the first half of 2023 were government, education and healthcare, with some organisations facing 10,000 attacks per day, according to some reports.
What is more, there have been several successful cyberattacks against hospitals and local authorities in the last year including Barts Health NHS Trust, St Helens Council and Gloucester City Council, who have since been reprimanded by the Information Commissioners Office (ICO) for failing to have the correct systems in place.
Deryck Mitchelson, Global CISO at Check Point, said: “Public sector organisations are significantly underestimating the severity of cyber threats. Our findings suggest a concerning disparity between perceived security and the escalating sophistication of cyberattacks, which can have profound impacts on public trust and service continuity.”
The report stresses the importance of not only defensive strategies but also proactive, preventive measures to stay ahead of cyber threats. Keith Joy, CTO at University of the Arts London, highlights the often-overlooked smaller vulnerabilities that can be equally detrimental to an organisation’s security.
Adding to the insights, Mitchelson said: “The reality is that organisations cannot rely solely on defence. They must invest equally in proactive, preventative measures to thwart cyber threats at their inception. It’s a constantly moving target and staying ahead requires a comprehensive and dynamic approach to cybersecurity.”
Click below to share this article