White House
August 23, 2017 by

100% of Govt Entities See Own Employees as Biggest Cybersecurity Risk

A new cybersecurity report has claimed that the government sector is way behind others in implementing modern cybersecurity protocols and defenses, leading to an increase in data breaches targeting government servers.

According to security firm Netwrix’s new report, the failure to implement and upgrade cybersecurity defenses by the government has seen a staggering 72% of its entities compromised worldwide in 2016. Government agencies are, unsurprisingly, targeted by hackers due to the troves of sensitive information they store. They include citizens’ personal data including addresses, social security numbers, healthcare records, driver’s license numbers and more. Hackers also target critical government infrastructure to disrupt public services and damage control systems.

Despite all of the above threats, government IT specialists and agencies point to their own employees as their greatest threat.

“All government entities surveyed consider their own employees to pose the biggest threat. It is interesting how the loudest headlines (state-sponsored attacks carried out by hackers, for example) don’t always correspond with the respondents’ perceptions and priorities,” the report reveals.

The reason for the distrust is telling. Government employees surveyed revealed that some 57% of security incidents in 2016 were due to human errors. Further, 43% of government organizations admitted that they were forced to investigate security incidents that involved insider misuse.

The report also found that a majority of government entities had not implemented any risk management or security governance within their IT infrastructures. A further 75% of respondents revealed there were no dedicated cybersecurity personnel within their agencies. The compliance and security work was instead taken over by IT operations. Tellingly, both junior and middle-level IT staff reported a lack of time (57%) and a lack of budget (54% of those polled) as the primary factors keeping them from enforcing a better security plan. They also cited the growing complexity of IT infrastructure (43%) and data assets (43%) as factors.

The general conclusion we can draw is that government agencies need to start approaching IT risk from the top down: Senior management must get more deeply involved and fund cyber-security initiatives,” wrote Ryan Brooks, product evangelist at Netwrix. “Otherwise, their IT teams will not have the visibility required to maintain stable IT operations, comply with regulatory requirements and identify ongoing security threats, let alone proactive risk mitigation.”

Image credit: Pexels.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

HBO Refuses to Pay Hackers as Leaks Continue

HBO is refusing to negotiate with hackers who have allegedly stolen up to 1.5 terabytes of data from...

Read more arrow_forward

Artificial Intelligence - The Future of Cybersecurity

The sheer number of cyber-attacks and threats present in today’s world is considerable. As the...

Read more arrow_forward

Trump Signs Presidential Executive Order to Strengthen US Cyber Defenses

US President Donald Trump has signed an executive order on Thursday that aims to improve and bolster...

Read more arrow_forward