The public sector is still highly vulnerable to cyberattacks due to a lack of awareness among employees, according to a new report from data security provider Clearswift.
Based on a poll of 1,000 employees in the public sector, the report states that almost half have never even heard of ransomware.
Further, more than three quarters reported having had no training on how to identify and defend against ransomware, and others said they are yet to receive any form of cybersecurity training whatsoever.
While the lack of knowledge plays a significant part in the public sector's vulnerability to ransomware, outdated software is also playing a part. According to the report, some employees still use Windows 7 and Windows 8, “a key area of vulnerability if those systems have not been updated with the latest patch”.
Employees are also prone to using insecure file sharing services at least once a day and personal USB sticks at least once a week. Staff also use business devices to check personal email multiple times a day, increasing the risk of phishing attacks.
To make matters worse, the public sector is also suffering from an acute skills shortage. Two thirds of respondents said they do not have a dedicated cybersecurity expert in-house and just 12 percent consulted a specialist in the last six months.