industry unlocked to a spear-phishing email . However , more than one-third accidentally sent information to the wrong person . This seems to be a common problem in government organisations ; overall , 41 % said they had received an outlook recall message or an email telling them to disregard a communication sent in error .
When asked why these mistakes had occurred , human factors are high on the list . One-fifth attributed their error to working in a pressured environment , 15 % were tired and 19 % were rushing . Some 14 % said an incident happened because they were using a mobile device , a risk which will inevitably increase as home and mobile working continues in the current climate .
Tackling insider breach risk – too high a risk appetite ?
The 113 government IT leaders we surveyed seem somewhat resigned
Our research has shown that workers have a very proprietorial attitude to the data and information they work on , frequently assuming that creation confers ownership .
to insider breaches . A total of 78 % thought employees had put data at risk maliciously and 86 % thought they ’ d done so accidentally in the past year . Looking forward , a quarter of them felt it was likely they would suffer a breach in the coming year . Despite this , fewer than half of IT leaders said they were using technologies such as email encryption , antivirus and secure collaboration software to help prevent insider breach risk . There seems to be a sense that human-activated breaches are inevitable within the public sector , meaning risk appetite is set at a level that accepts a 25 % breach risk – but will likely prove a lot higher given evidence to date .
Addressing human layer security – bridging the current risk gap
So , the question is , how can we close that risk gap and better protect citizens ’ data ? It ’ s simply not possible for government IT leaders to ‘ fix ’ most of the root causes of breaches . People will always get tired , stressed and rushed , given the pace at which www . intelligentciso . com | Issue 31
45