Light Dark
March 9, 2017 By Douglas Bonderud 2 min read

The recent U.S election was fraught with divisive rhetoric and rapidly changing priorities, but it also placed a new focus on cybersecurity as both parties took a hard line against digital threats.

As Infosecurity Magazine noted, however, cybersecurity issues that plagued both sides and may have impacted the election itself left security professionals reeling: Now, just 17 percent say they’re confident in the government’s ability to protect itself from cyberattacks, according to a recent Tripwire survey of RSA attendees.

It dovetails with a spike in overall IT security concerns, with 80 percent of respondents saying they’re more worried about current cybersecurity than in 2016. How do organizations cultivate confidence in a post-election world?

The Trickle-Down Effect for Cybersecurity Issues

Concerns about outside agency hacking and internal security issues have also impacted how companies see their own security infrastructure. While 60 percent said they “were confident in their organization’s ability to enforce foundational security controls,” almost the same number pointed to worries about intellectual property theft, the survey found. Another 54 percent expressed concern about brand reputation and nearly half spoke about the risks of internal security failures if employees lacked sufficient tech skill.

Cybersecurity issues extend beyond U.S borders. CSO Online stated the global cybersecurity index fell six points in 2016 to a score of 70 percent. A drop in the 2017 Risk Assessment Index is partially responsible for this overall loss: While companies remain confident in their ability to patch network vulnerabilities, they often struggle to discover these weaknesses before cybercriminals gain access.

The Government Lags Behind

It’s no surprise that issues with government security are causing headaches for security pros. Given the massive amount of data handled and stored by government agencies — everything from in-depth records of personal identifiable information (PII) to defense contracts and election results — seeing the government vulnerable suggests that any large enterprise is under similar threat. There’s some good news here, since government agencies are typically among the last to adopt new productivity or security controls, many private-sector organizations are often out in front when it comes to protecting sensitive corporate, consumer and employee data.

Nonetheless, all companies are beholden to government data, systems and security to some extent. All businesses must file taxes with the IRS, and thanks to the rise of electronic personal health information (ePHI), more and more organizations are subject to HIPAA compliance requirements, audits and evaluations. Simply put? If government servers aren’t safe, it’s hard for private IT security experts to bolster C-suite confidence.

Security Self-Esteem

But there are ways to improve security self-esteem. Cloud-based solutions are a solid start, since niche providers can now deliver defenses that are at least on par with in-house alternatives. In addition, these adaptable and often real-time security controls are better equipped to handle a network environment no longer defined by a hard-and-fast digital perimeter.

Another way to boost cybersecurity self-confidence? Discovering key weaknesses with rigorous pen testing. While companies do their best to internally evaluate internet-facing applications and tools, it’s easy to overlook small vulnerabilities that can become big problems — the recent rash of IoT-based DDoS attacks are proof that even small opportunities can be effectively parlayed into big gains for cybercriminals. Partnering with the right penetration testing provider offers an unbiased view of current systems and lets IT pros address problems directly rather that waiting for compromise to inform change.

Bottom line? Ongoing U.S. cybersecurity issues have shorted companies on confidence. While it’s impossible to force corrective information security action on government agencies, organizations can bolster their own self-esteem by leveraging cloud-based tools for active detection and taking a hard look at potential paths of network compromise.

 |  |  |  |  |  | 
Douglas Bonderud
Freelance Writer

More from

January 10, 2025

Is the water safe? The state of critical infrastructure cybersecurity

4 min read - On September 25, CISA issued a stark reminder that critical infrastructure remains a primary target for cyberattacks. Vulnerable systems in industrial sectors, including water utilities, continue to be exploited due to poor cyber hygiene practices. Using unsophisticated methods like brute-force attacks and leveraging default passwords, threat actors have repeatedly managed to compromise operational technology (OT) and industrial control systems (ICS).Attacks on the industrial sector have been particularly costly. The 2024 IBM Cost of a Data Breach report found the average total…

January 9, 2025

Cybersecurity trends: IBM’s predictions for 2025

4 min read - Cybersecurity concerns in 2024 can be summed up in two letters: AI (or five letters if you narrow it down to gen AI). Organizations are still in the early stages of understanding the risks and rewards of this technology. For all the good it can do to improve data protection, keep up with compliance regulations and enable faster threat detection, threat actors are also using AI to accelerate their social engineering attacks and sabotage AI models with malware.AI might have…

January 8, 2025

Cloud threat report: Why have SaaS platforms on dark web marketplaces decreased?

3 min read - IBM’s X-Force team recently released the latest edition of the Cloud Threat Landscape Report for 2024, providing a comprehensive outlook on the rise of cloud infrastructure adoption and its associated risks.One of the key takeaways of this year’s report was focused on the gradual decrease in Software-as-a-Service (SaaS) platforms being mentioned across dark web marketplaces. While this trend potentially points to more cloud platforms increasing their defensive posture and limiting the number of exploits or compromised credentials that are surfacing,…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2025 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature