Noname Security, a provider of comprehensive API security solutions, has unveiled its latest research report, "Noname Security's Viewpoint on the Government and Public Sector." This report follows their annual API security report, "The API Security Disconnect 2023," and sheds light on a significant disparity within the public sector regarding API security.
Despite a high level of confidence in API security (96%), the research reveals that 77% of organizations in the public sector experienced security incidents in 2023. These organizations handle sensitive and regulated personally identifiable information (PII), such as healthcare, financial, and employment data, putting citizens at risk in case of security breaches.
Dean Phillips, Executive Director of Public Sector Programs at Noname Security, emphasized the ongoing disconnect between perceived security and actual experiences. He stressed that security incidents in the public sector could have far-reaching consequences, impacting every citizen and necessitating the adoption of the right tools to safeguard national security.
Key findings from the report, based on a survey of 112 government and public sector professionals, include:
Nearly 90% of respondents consider API security a higher priority than it was a year ago.
More than half (59%) reported a loss of customer goodwill and churned accounts due to security incidents.
Other impacts of security incidents included loss of productivity (47%), remediation costs (44%), and fines from regulators (43%).
API gateways were identified as the primary attack vector (24%), followed by network firewall attacks (21%) and authorization vulnerabilities (17%).
The report emphasizes the importance of API security in protecting citizen data and maintaining regulatory compliance. In fact, 72% of government and public sector respondents stated that their API security platform partner helps them maintain regulatory compliance.
Noname Security's ongoing efforts in this space include the release of the Public Sector's Hardened Virtual Appliance, designed to provide a secure and scalable system for discovering, monitoring, and protecting mission-critical APIs and data. This development aligns with their commitment to eliminating API-related cyberattacks and enhancing public safety.