Skip to main content
Security Scorecard

U.S. Cybersecurity Readiness in Grim State

Posted on August 24th, 2017

NEW YORK, Aug. 24, 2017 /PRNewswire/ -- SecurityScorecard, the leader in security ratings, today released its annual U.S. State and Federal Government Cybersecurity Report. The study paints a grim picture of the overall cyber health of the nation's government entities. In the midst of investigations into a potential 2016 election hacking, regular major malware events, and an overall increase in the number of sophisticated cyberattacks, the report highlights that the government sector is lagging compared to almost every other industry. However, there are some standout performers that have demonstrated superior cybersecurity capabilities.

SecurityScorecard analyzed more than 500 federal, state, and local government agencies in , compared this group to 17 other expansive industries, and evaluated this group's security capabilities across 10 categories. Key findings from the report include:

  • Government organizations were ranked third from last (16th) in overall cybersecurity, even when compared to heavily-regulated industries like transportation, finance, energy, and healthcare.
  • Government organizations fell significantly short in Network Security (13th), Application Security (11th), Leaked Credentials (12th), Patching Cadence (16th), Endpoint Security (17th), IP Reputation (16th), and Hacker Chatter (18th).
  • Government organizations performed above the cross-industry average in three categories: DNS Health (2nd), Social Engineering (3rd), and Cubit Score (2nd).

"Since our last report in 2016, U.S. state and federal government cybersecurity issues have gained national attention," said Sam Kassoumeh, COO and co-founder at SecurityScorecard. "On an almost daily basis, the institutions that underpin the nation's election system, military, finances, emergency response, transportation, and many more, are under constant attack from nation-states, criminal organizations, and hacktivists. Government agencies provide mission-critical services that, until they are compromised, most people take for granted. This report is designed to educate elected officials, agency leadership, as well as government security professionals about the state of security in the government sector."

SecurityScorecard regularly releases reports on the cyber health of large-scale entities and industries. A complimentary copy of the 2017 U.S. State and Federal Government Report can be downloaded by clicking here. To receive a free SecurityScorecard assessment and consultation for your business, visit

About SecurityScorecard
Headquartered in the heart of New York City, SecurityScorecard's vision is to help security professionals work collaboratively to solve mission-critical, cybersecurity issues in a transparent way. The company was founded in late 2013 by Dr. Aleksandr Yampolskiy and Sam Kassoumeh, two former cybersecurity practitioners who had served, respectively, as Chief Information Security Officer and Head of Security & Compliance. With cloud solutions becoming an increasingly integral part of the security technology stack, Yampolskiy and Kassoumeh recognized the need to address 3rd and 4th party risk as well as better understand the security capabilities of their business partners. Since its founding, the company has grown dramatically and now counts hundreds of leading brands as customers. SecurityScorecard is backed by leading venture capital investors including Sequoia Capital and GV, among others. For more information, visit

Join us in making the world a safer place.