Summaries
SANS Survey Gauges Government Cybersecurity Readiness: Budget Gaps, Legacy Infrastructure, and Workforce Challenges
The SANS 2026 Cybersecurity Readiness in Government Survey, authored by Ryan Nicholson, assesses where public-sector cybersecurity programs actually stand — capturing practitioner perspectives on budget constraints, legacy infrastructure, hiring challenges, and the growing gap between agency needs and capabilities.
View on Graph
Summary
The SANS 2026 Cybersecurity Readiness in Government Survey, published May 26, 2026 and authored by SANS Senior Instructor Ryan Nicholson, takes what the report describes as an honest measure of where government cybersecurity programs actually stand — not where policy says they should be, but where practitioners on the ground report they are. Drawing from the author’s 20 years of Department of Defense experience, including roles in network security, cloud defense, and compliance auditing, the survey examines the structural challenges that prevent public-sector organizations from achieving their security objectives.
The survey identifies three compounding stressors that define government cybersecurity readiness. Budget cycles that move slower than threat actors create a structural disadvantage — by the time funding is allocated for a specific security initiative, the threat landscape has often shifted. Hiring processes that struggle to compete with private-sector salaries leave agencies unable to fill critical roles, even when those positions are funded. And legacy infrastructure predating modern cloud architectures remains in place, creating integration challenges and security gaps that new investments cannot fully address.
These are not new problems, but the survey emphasizes that they are compounding ones. The gap between what agencies need and what they can consistently deliver is growing harder to close. The report aims to provide both diagnostic insight and a basis for prioritizing improvements across the public sector.
Why It Matters
Government agencies manage some of the most sensitive data in any nation — citizen records, national security information, critical infrastructure operations — and are disproportionately targeted by nation-state adversaries. The SANS survey’s findings suggest that structural, not technical, factors are the primary barriers to readiness. For defenders working in or with government organizations, understanding these constraints is essential for developing realistic security improvement plans.
Defender Takeaways
- Assess your agency’s budget cycle alignment with threat evolution; consider whether funding processes allow for rapid pivoting when the threat landscape shifts.
- Evaluate legacy infrastructure migration priorities — the survey emphasizes that aging systems create both security gaps and integration friction with modern cloud solutions.
- Review hiring and retention strategies against private-sector competition; consider alternative approaches such as rotational assignments or public-private partnership programs.
- Use the survey findings as a benchmarking tool against peer agencies to identify where your program exceeds or lags behind the reported averages.
- Consider implementing compensating controls where structural constraints prevent immediate remediation — technical controls can partially bridge budget and staffing gaps.
Source
Title: SANS 2026 Cybersecurity Readiness in Government Survey Insights — Ryan Nicholson, SANS
URL: https://www.sans.org/white-papers/sans-2026-cybersecurity-readiness-government-survey-public-sector-ready-next-cyber-threat/
Related
- Threat Intelligence Fundamentals — detection and response for T1598 techniques
- Cloud Security Fundamentals — detection and response for T1525 techniques
- Zero Trust — detection and response for TA0005 techniques
- Cloud Incident Response — detection and response for T1525, T1526, T1078, T1530 techniques