Public sector IT teams know that data breaches are a real possibility. To combat the threats that cause these breaches, agencies rely on a vast array of cybersecurity tools and expert teams, but is it enough? The recent Data Breach Investigations Report by Verizon uncovered information that’s vital to agencies: who is attacking the public sector, how attacks are being launched, and what can be done to help stop these bad actors.
According to the report, the public sector faced 6,843 incidents with 346 confirmed data disclosures last year. It’s no surprise that attacks and breaches are on the rise with the vast amount of connected technology agencies leverage today, explained John Grim, Head of Research at the Verizon Threat Research Advisory Center. “For agencies to combat threats, they must understand how attackers are infiltrating systems and how these threats evolve.”
The report found that while insider threats continue to be an issue for government agencies, 70 percent of breaches were caused by external threats. “Furthermore, of the overall confirmed data breach set, when we look at data that threat actors are targeting, we see that personal data is targeted in more than half of data breaches (58%), which is nearly double the percentage a year ago. Attackers prey on organizations that collect and store personal information, such as citizen data, to include social security numbers and other personally identifiable information. Agencies need to secure this data against the rising threat landscape – especially ransomware,” explained Grim.
Ransomware continues to cripple various industries, the public sector in particular. In the overall data breach set, ransomware accounts for 27 percent of malware incidents; among malware varieties in Public Administration, that figure is around 60 percent. “Sixty percent! We must do better than that at reducing the impact this can cause,” said Grim.
“And let’s not forget the current challenges faced by many organizations with employees working from a familiar location, but in unfamiliar circumstances: those working from home. This dynamic poses two primary challenges: the Human Element and the cybersecurity aspects,” explained Grim. “Threat actors are well aware of the potential they have here. Sensitizing employees to threat actor tactics – email phishing, fake websites, and fraud tactics – coupled with using VPNs, multi-factor authentication, and a strong password policy among other measures – can go a long way in reducing threat actor impact.”
The report also outlined nine areas that agencies should consider to bolster their cyber posture in collaboration with the Center for Internet Security Critical Security Controls (CSCs).