86% of government entities ‘not prepared’ for cyber attacks

According to a recent report from Netwrix, “100% of IT specialists working for government agencies worldwide said they see employees as the biggest threat to security.” This response is based upon previous experiences:

  • 57% of security incidents in government entities in 2016 were due to human error.
  • 43% of organizations in 2016 had experienced insider misuse of data.
  • 86% of government entities do not consider themselves well prepared to tackle cyber attacks.

Government entities are considered attractive targets because of the extensive volume of sensitive data that they store, both relating to citizens and to local or national security.

The report also found that, of the organizations surveyed:

  • 75% do not have a separate information security function, which means that responsibility for information security is left to IT teams.
  • 88% admitted to not using risk management or information security governance software.
  • Just 38% claim that they’re aware of internal system user activity.
  • Only 40% monitor database activity despite almost half (43%) suffering insider data misuse in 2016.
  • 86% stated that heightened visibility into user activity helps them to spot and mitigate human factor risks.

In addition, 57% of government organizations admitted to focusing security efforts on endpoints rather than protecting data.

The two main factors given for not being well-prepared to combat cyber threats included lack of time (57%) and lack of budget (54%).

These findings are concerning and, with cyber attacks increasing in both volume and sophistication, significant improvements need to be made to better protect information assets. Appropriate investment needs to be provided by senior management in order to implement a robust cybersecurity initiative.

Protect your organization by educating your staff

IT Governance offers a range of cybersecurity solutions, including for raising staff awareness. Take action against the increasing threat of targeted cyber attacks by educating your employees to be vigilant and practice secure behavior. Our hassle-free, cost-effective eLearning courses continually reinforce the importance of compliance and security, and help staff develop good habits. Your staff are on the frontline: give them the awareness training they need.

Find out more >>