Public Sector Unprepared for Ransomware Attacks

Adam Jacobson


April 1, 2020

In the 2020 Public Sector Security Research survey, IBM Security and Harris Insights & Analytics found that 73% of public sector employees were concerned about ransomware attacks and half expected attacks in their communities to rise in 2020. While 66% said their employer was at least somewhat prepared and 74% were confident that they themselves would be able to recognize and prevent a ransomware attack, only 54% thought they “received adequate training on how to respond to an attack.” Further, more than 50% reported that their employers had not changed their level of preparedness in the past year, and two-fifths said that their employers had not devoted more resources or budget to managing cyberthreats.

Nearly 75% of public sector employees had received some kind of cybersecurity training. However, of all public sector fields polled, educators reported receiving the least—44% said that they had not received basic cybersecurity training and 70% said that they did not have adequate training to respond to a cyberattack. Only 54% of educators had even a basic familiarity with the concept of ransomware, with 30% having only heard the word and 16% reporting no knowledge of ransomware whatsoever.

Adam Jacobson is associate editor of Risk Management.