Government agencies experienced all sorts of cloud-related cybersecurity incidents in 2020, but the most dangerous was data leakage, due to the time it takes to identify and remedy issues of this kind.
This is according to a new report from cybersecurity firm Netwrix, which states that phishing and targeted attacks on infrastructure round out the three biggest threats to government agencies.
Of all the different incidents, data leaks were the hardest to identify, with detection often taking days, as opposed to the “hours or less” required to spot phishing and targeted attacks. Data leaks also took longer to resolve; for almost a third (32 percent) of government agencies, it took days to solve the problem, while a quarter (23 percent) took months.
Following a data leakage incident, consequences vary from unplanned spending to fix security gaps (28 percent) and the loss of credibility (13 percent) to senior leadership getting the axe (11 percent).
Most respondents (65 percent) blamed not having enough skilled workers to tackle cloud security, but also mentioned employee negligence (59 percent) and budget woes (53 percent) as major pain points. Netwrix claims less than a quarter (24 percent) of public organizations received extra funds in 2020 for cybersecurity, even though almost half (45 percent) expected it.
On average, public sector organizations allocate roughly 14 percent of their cybersecurity budget to cloud security, which is less than in any other sector.
“Cloud technologies may raise security concerns that make the public sector wary of leveraging the cloud to improve the services they provide. To adopt cloud technologies more confidently and with fewer risks, government agencies need solutions that deliver visibility into data, activity and risks across the cloud or hybrid environment. That way, these organizations will be able to quickly detect, prioritize and respond to threats across the IT estate,” said Ilia Sotnikov, VP of Product Management at Netwrix.