U.S. Government 'Worse Than All Major Industries' on Cybersecurity
ARLINGTON, VA - JANUARY 13: U.S. President Barack Obama delivers remarks at the National Cybersecurity and Communications Integration Center (NCCIC) on January 13, 2015 in Arlington, Virginia. President Obama discussed efforts to improve the government's ability to collaborate with industry to combat cyber threats. (Photo by Kristoffer Tripplaar-Pool/Getty Images)Kristoffer Tripplaar / Pool via Getty Images
Breaking News Emails
Get breaking news alerts and special reports. The news and stories that matter, delivered weekday mornings.
U.S. federal, state and local government agencies rank in last place in cybersecurity when compared against 17 major private industries, including transportation, retail and healthcare, according to a new report released Thursday.
The analysis, from venture-backed security risk benchmarking startup SecurityScorecard, measured the relative security health of government and industries across 10 categories, including vulnerability to malware infections, exposure rates of passwords and susceptibility to social engineering, such as an employee using corporate account information on a public social network.
Educations, telecommunications and pharmaceutical industries also ranked low, the report found. Information services, construction, food and technology were among the top performers.
Byers Market Newsletter
Get breaking news and insider analysis on the rapidly changing world of media and technology right to your inbox.
Government agencies have struggled for years to keep pace with malicious hackers and insider threats, a challenge that came into focus after it was disclosed last year that more than 21 million individuals had their sensitive data pilfered during a breach at the Office of Personnel Management.
Of the 600 government entities tracked, NASA performed the worst, the report found.
SecurityScorecard said it tracked 35 major data breaches across government from April 2015 to April 2016.
President Barack Obama has made improving cyber defenses a top priority of his remaining year in office. His administration asked Congress to dedicate $19 billion to cybersecurity in its fiscal 2017 budget proposal, which would include $3.1 billion for technology modernization at various federal agencies.
Federal agencies scored most poorly on network security, software patching flaws and malware, according to SecurityScorecard, which said they may be more vulnerable to risk due to their large size.
Of the 600 government entities tracked, NASA performed the worst, the report found. The space exploration agency was vulnerable to email spoofing and malware intrusions, among other weaknesses, according to SecurityScorecard's analysis.