March 9, 2017 By Douglas Bonderud 2 min read

The recent U.S election was fraught with divisive rhetoric and rapidly changing priorities, but it also placed a new focus on cybersecurity as both parties took a hard line against digital threats.

As Infosecurity Magazine noted, however, cybersecurity issues that plagued both sides and may have impacted the election itself left security professionals reeling: Now, just 17 percent say they’re confident in the government’s ability to protect itself from cyberattacks, according to a recent Tripwire survey of RSA attendees.

It dovetails with a spike in overall IT security concerns, with 80 percent of respondents saying they’re more worried about current cybersecurity than in 2016. How do organizations cultivate confidence in a post-election world?

The Trickle-Down Effect for Cybersecurity Issues

Concerns about outside agency hacking and internal security issues have also impacted how companies see their own security infrastructure. While 60 percent said they “were confident in their organization’s ability to enforce foundational security controls,” almost the same number pointed to worries about intellectual property theft, the survey found. Another 54 percent expressed concern about brand reputation and nearly half spoke about the risks of internal security failures if employees lacked sufficient tech skill.

Cybersecurity issues extend beyond U.S borders. CSO Online stated the global cybersecurity index fell six points in 2016 to a score of 70 percent. A drop in the 2017 Risk Assessment Index is partially responsible for this overall loss: While companies remain confident in their ability to patch network vulnerabilities, they often struggle to discover these weaknesses before cybercriminals gain access.

The Government Lags Behind

It’s no surprise that issues with government security are causing headaches for security pros. Given the massive amount of data handled and stored by government agencies — everything from in-depth records of personal identifiable information (PII) to defense contracts and election results — seeing the government vulnerable suggests that any large enterprise is under similar threat. There’s some good news here, since government agencies are typically among the last to adopt new productivity or security controls, many private-sector organizations are often out in front when it comes to protecting sensitive corporate, consumer and employee data.

Nonetheless, all companies are beholden to government data, systems and security to some extent. All businesses must file taxes with the IRS, and thanks to the rise of electronic personal health information (ePHI), more and more organizations are subject to HIPAA compliance requirements, audits and evaluations. Simply put? If government servers aren’t safe, it’s hard for private IT security experts to bolster C-suite confidence.

Security Self-Esteem

But there are ways to improve security self-esteem. Cloud-based solutions are a solid start, since niche providers can now deliver defenses that are at least on par with in-house alternatives. In addition, these adaptable and often real-time security controls are better equipped to handle a network environment no longer defined by a hard-and-fast digital perimeter.

Another way to boost cybersecurity self-confidence? Discovering key weaknesses with rigorous pen testing. While companies do their best to internally evaluate internet-facing applications and tools, it’s easy to overlook small vulnerabilities that can become big problems — the recent rash of IoT-based DDoS attacks are proof that even small opportunities can be effectively parlayed into big gains for cybercriminals. Partnering with the right penetration testing provider offers an unbiased view of current systems and lets IT pros address problems directly rather that waiting for compromise to inform change.

Bottom line? Ongoing U.S. cybersecurity issues have shorted companies on confidence. While it’s impossible to force corrective information security action on government agencies, organizations can bolster their own self-esteem by leveraging cloud-based tools for active detection and taking a hard look at potential paths of network compromise.

More from

What does resilience in the cyber world look like in 2025 and beyond?

6 min read -  Back in 2021, we ran a series called “A Journey in Organizational Resilience.” These issues of this series remain applicable today and, in many cases, are more important than ever, given the rapid changes of the last few years. But the term "resilience" can be difficult to define, and when we define it, we may limit its scope, missing the big picture.In the age of generative artificial intelligence (gen AI), the prevalence of breach data from infostealers and the near-constant…

Airplane cybersecurity: Past, present, future

4 min read - With most aviation processes now digitized, airlines and the aviation industry as a whole must prioritize cybersecurity. If a cyber criminal launches an attack that affects a system involved in aviation — either an airline’s system or a third-party vendor — the entire process, from safety to passenger comfort, may be impacted.To improve security in the aviation industry, the FAA recently proposed new rules to tighten cybersecurity on airplanes. These rules would “protect the equipment, systems and networks of transport…

Protecting your digital assets from non-human identity attacks

4 min read - Untethered data accessibility and workflow automation are now foundational elements of most digital infrastructures. With the right applications and protocols in place, businesses no longer need to feel restricted by their lack of manpower or technical capabilities — machines are now filling those gaps.The use of non-human identities (NHIs) to power business-critical applications — especially those used in cloud computing environments or when facilitating service-to-service connections — has opened the doors for seamless operational efficiency. Unfortunately, these doors aren’t the…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today