U.S. federal, state and local government agencies rank lowest in cybersecurity when compared to the private sector, according to a report released Thursday by security risk benchmarking startup SecurityScorecard.
The report examined cybersecurity efforts across 10 categories, including malware infection, vulnerability to social engineering techniques and how often passwords are exposed.
Information services, construction, food and technology were rated the highest in terms of cybersecurity. Along with government agencies, the education, telecommunications and pharmaceutical industries also had low rankings, according to the report.
SecurityScorecard said it tracked 35 major data breaches across 600 government entities between April 2015 to April 2016 to collect its data. Federal agencies had especially poor scores for their network security, malware and flaws in software patching. Because of the size of the federal government, it may have a tougher time when it comes to cybersecurity, SecurityScorecard said.
NASA performed the worst, the report found.
A recent report found the government and military accounted for about 14.4% of breaches since Identify Theft Resource Center started tracking breaches in 2005.
Federal government agencies such as the Office of Personnel Management and the IRS have been responsible for huge data losses over the last few years. Last August, the IRS revealed that hackers had been able to the steal sensitive data of more than 300,000 taxpayers.
In an effort to turn cybersecurity practices around, President Barack Obama requested $19 billion for federal cybersecurity initiatives in 2017 federal budget, including a new cybersecurity panel with officials from across industries.