New Report Reveals Cyber Resilience Is Often Not a Whole-Organization Priority in SLED Sector

LevelBlue, formerly AT&T Cybersecurity, released a report on November 20 highlighting barriers to cyber resilience and growing cyber threats in the U.S. state, local and education (SLED) sector. The research found that 69% of respondents acknowledge cyber resilience is not a whole-organization priority. 

The report, 2024 LevelBlue Futures Report: Cyber Resilience in U.S. State and Local Government and Higher Education (SLED), was conducted in March 2024 and surveyed 150 participants. The goal was to understand how organizations were tackling cyber resilience and find out how cybersecurity is integrated into their business. 

“Across the board, governance teams do not understand what cyber resilience is,” said Theresa Lanowitz, chief evangelist at LevelBlue. “That’s an impediment to getting the whole organization to understand that this is a whole-business problem. This is not just the cybersecurity team’s problem.” 

The SLED report is part of a larger LevelBlue research project that looked at cyber resilience in other sectors. In this “core” report, the team surveyed 1,050 participants across 18 different countries in seven individual vertical markets: finance, health care, manufacturing, transportation, energy utilities, U.S. SLED and retail. 

In the core report, the team found that 72% of governance teams do not understand what cyber resilience is. In the U.S. SLED report, the figure lowers to 68%. The SLED sector has a better understanding of the topic, but it’s nowhere near ideal. 

Researchers also found that across the board, organizations tend to tackle cybersecurity barriers after an attack has already happened.

“We're finding that cyber security budgets are largely reactive versus proactive,” Lanowitz said. 

The SLED report found that the growing types of cyber threats across organizations are a tie between phishing and ransomware at 53%, followed by business email compromise at 51%.

“It's doing nothing but growing,” she said. 

Future trends of cyber threats point to attacks with a social engineering component, such as deepfakes and QR codes.

“Those QR codes are quite dangerous,” Lanowitz said. “You don’t want to put information that can be your PII, your personal identifiable information.” 

The research team is working on the field survey for the 2025 report.

“One of the things that we’re looking at is, how are organizations fortifying themselves against these sort of social engineering attacks?” Lanowitz shared.

To fight off these cyber attacks, the core report emphasizes the need for proactive cybersecurity integration and collaboration among CIOs, CTOs and CISOs.

“The key is to have cybersecurity integrated into the project from the beginning,” Lanowitz said. “If we can align those leadership levels and the cybersecurity team with the critical objectives of the organization, we would see better cybersecurity outcomes." 

What can organizations do with this report? They can use it to start conversations surrounding cybersecurity.

“Use it in your planning. Use it as a guidepost. Use it as a tool for some of the planning that you are doing. Start that conversation,” Lanowitz said.