Forget hackers, the fool next to you is the real threat

The most common threat to government data is human error rather than malicious hackers or code, according to an analysis of reported data breaches by the security intelligence company Rapid7. This is not necessarily good news for IT security professionals charged with keeping malware and hackers out of government systems. Rather it is a reflection that the boneheaded, like the poor, will always be with us.

Unintended disclosure was responsible for 29 percent of incidents reported by agencies over the last three years, putting it in first place in terms of number of breaches. In terms of number of records exposed, loss or theft of portable devices was number one, exposing more than 80 million records, for a whopping 86 percent of that total.

Hacking and malware came in well down the list, with 40 incidents exposing about 1 million records.

Causes for reported government data breaches

The data was culled by Rapid7 from the Chronology of Data Breaches maintained by the Privacy Rights Clearinghouse.

Progress is being made on the challenge of protecting data on portable devices that are easy to lose and attractive targets for thieves, however. These types of losses have declined since 2010, and the increased use of technology such as full-disk encryption is helping to keep sensitive data confidential even if the device disappears.

Protecting systems against malware and hackers is likely to remain a challenge regardless of shifts in the data threat landscape, said Rapid7 security researcher Marcus Carey. “Government agencies are going to be continually attacked by malware because there are people out there who want the information,” he said.

Because of the difficulty of gathering accurate statistics about the number and impact of data breaches, it probably is best not to use these numbers to identify anything but broadest trends, however.

Featured

  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/Shutterstock.com)

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected