What Public Sector CISOs Should Take Away from Verizon’s 2019 DBIR
It’s been a few weeks since Verizon released the 12th edition of its Data Breach Investigations Report (DBIR). For this publication, Verizon’s researchers studied 41,686 security incidents in which a response was necessary. These analysts found that 2,013 of those incidents were data breaches in that some sort of information was actually compromised.
Compared with other sectors, public administration saw a disproportionately large share of security events during Verizon’s reporting period. Approximately 56 percent of all security incidents analyzed for the 2019 DBIR struck public organizations. The sector also accounted for about 16 percent of all publicly disclosed data breaches.
A closer look at these public sector security incidents shows that digital espionage was the most prevalent attack pattern for this industry. Espionage played a pivotal role in almost half (42 percent) of data breaches reported by public organizations. That is an increase of 168 percent from just 25 percent of breaches a year earlier. Given this growth, it’s no wonder that espionage was the predominant motive in two-thirds of public sector breaches.
It’s also not surprising that external attackers were primarily responsible for those data breaches. Thirty percent of those security incidents with confirmed data disclosure involved internal actors. Thirty percent isn’t nothing, but it’s not a majority either. Meanwhile, partners were behind only one percent of these security events.
It’s important to note that agencies are spending lots of money to combat the risks associated with insider threats. (The Office of the Director of National Intelligence’s creation of a government-wide insider threat program is but one example.) Some might feel this level of investment is wasted given the fact that there were fewer data breaches associated with insider threats than those resulting from (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Tim Erlin. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/cisos-take-away-2019-dbir/