Government Agencies: Prime Targets for Security Breaches

Up to now in our series about security in various sectors, we have been covering different types of businesses and the information security and compliance challenges and issues they face. In this post, we examine the security challenges and needs of the public sector.

Because of the array of services that federal, state and local government agencies offer to the public, and the vast amounts of information they gather and share about citizens and businesses—including financial data—these organizations are a likely target for cyber attacks.

The United States federal government is the largest employer in the country and maintains a “massive volume” of data on both its employees and constituents, according to Verizon’s 2014 Data Breach Investigations Report, which looked at security threats in 20 different industries.

Government entities face many of the same security threats that companies have to deal with: viruses and other malware, hacking attacks, denial of service, phishing, advanced persistent threats, etc. But the government seems to be a particularly attractive target for cyber criminals and other bad actors.

The U.S. federal government seems to be especially high on the list of entities that attackers like to go after. In a brief issued in October 2014, public policy research institute The Heritage Foundation provided a list of federal government cybersecurity breaches and failures, most of which occurred during 2013 and 2014.

Here are just a few of the organizations included in the list: Nuclear Regulatory Commission, Department of Defense, Department of Energy, Federal Election Commission, Internal Revenue Service, National Aeronautics and Space Administration, Department of Health and Human Services, Environmental Protection Agency, Central Intelligence Agency, Department of Education and U.S. Federal Courts.

That’s a fairly extensive roster. And considering the importance of these entities to citizens not just of the U.S., but around the world, attacks against their systems and data is no small concern. A breach that brings down the systems of several of these organizations, even for a brief time, could create significant problems.

What’s more, The Heritage Foundation says the list on its site is in no way complete. “Some hacks might not be reported or are classified, and others have yet to be realized,” the brief says.

According to the Verizon report on data breaches, public sector entities suffered 175 security incidents with confirmed data loss in 2013, higher than any other sector except for finance. Public sector organizations reported the highest number of cyber espionage incidents of any sector (133), with these incidents defined as unauthorized network or system access linked to state-affiliated actors and/or exhibiting the motive of espionage.

Industry research also shows that many government agencies, similar to a good number of educational institutions, are not aware of the attacks against them. A report by consulting from PwC and CIO and CSO magazines, “The Global State of Information Security Survey 2015,” which surveyed 9,700 business and technology executives worldwide from March to May 2014, asked respondents to identify the number of security incidents they had detected in the past 12 months.

More than one quarter of the government respondents (26%) said they didn’t know the number of security incidents. That compares with only 10% for survey participants from all industries. The good news is only 15% of the government respondents said they’d detected 50 or more security incidents in the past 12 months, compared with 24% for all industries. But then again, how many incidents did the government agencies miss because they didn’t have adequate technology and personnel in place?

As for the likely source of security incidents, the most common response by government entities, by far, was employees. That includes current workers (35%) and former employees (26%). Again, a good percentage of the respondents (29%) said they had no idea who was the likely source of security incidents.

For value-added resellers (VARs) and managed services providers (MSPs), there is a vast opportunity to tap into the market for security solutions for public sector organizations. This includes not only U.S. federal, state and local governments, but government agencies around the world.

In the current environment of increasingly sophisticated attacks from hackers as well as from organized cyber espionage groups, governments are looking to protect their systems and data from cyber attacks such as viruses and other malware, phishing, denial of service and unauthorized access.

In addition to selling products such as anti-virus software, firewalls, intrusion detection and prevention systems, encryption, identity management and mobile security systems, channel players can offer sorely needed security expertise to agencies.

 

{{cta('86b5d155-977c-40ac-aa45-e9804451f03c','justifycenter')}}