1 in 4 government agencies reported accidental cloud data leakage in 2020
The survey found that in 2020, the most common incidents that government agencies experienced in the cloud were phishing (reported by 39% of organizations), accidental data leakage (24%) and targeted attacks on the infrastructure (22%). Data leakage was the hardest of the three to detect; 27% of organizations required days to flag it, while phishing and targeted attacks were spotted in hours or less by almost 100% of organizations. Resolving data leakage also took longer than other incidents, requiring days (32%), weeks (11%) or months (23%).
The top consequences of cloud breaches in the public sector were unplanned expenses to fix security gaps (28%), customer churn and/or loss of credibility (13%) and change in senior leadership (11%).
Most government agencies attribute their cloud security challenges to lack of IT/security staff (65%), employee negligence (59%) and lack of budget (53%). Indeed, only 24% of public organizations received extra budget for cybersecurity even though in our 2019 survey, 45% expected their budget to grow in 2020. On average, public sector organizations allocate only 14% of their cybersecurity budget to cloud security, which is the lowest result for any sector.
Other survey findings include:
- Despite government initiatives encouraging cloud adoption and the recent increase in remote work, half of public sector organizations do not store any data in the cloud.
- In response to the pandemic, 47% had to change their IT priorities but stick to their existing budget.
- The top security measures government agencies are taking in response to cloud security challenges are auditing of user activity (65%), data classification (56%) and privilege attestation (53%).
Cloud technologies may raise security concerns that make the public sector wary of leveraging the cloud to improve the services they provide. To adopt cloud technologies more confidently and with fewer risks, government agencies need solutions that deliver visibility into data, activity and risks across the cloud or hybrid environment. That way, these organizations will be able to quickly detect, prioritize and respond to threats across the IT estate.
Ilia Sotnikov, VP of Product Management at Netwrix
The 2021 Netwrix Cloud Data Security Report is based on feedback from 937 IT professionals worldwide who use private and public cloud services to store their data. To get the complete findings, please visit: www.netwrix.com/2021_cloud_data_security_report.html
Netwrix makes data security easy thereby simplifying how professionals can control sensitive, regulated and business-critical data, regardless of where it resides. More than 10,000 organizations worldwide rely on Netwrix solutions to secure sensitive data, realize the full business value of enterprise content, pass compliance audits with less effort and expense, and increase the productivity of IT teams and knowledge workers.
Founded in 2006, Netwrix has earned more than 150 industry awards and been named to both the Inc. 5000 and Deloitte Technology Fast 500 lists of the fastest growing companies in the U.S.
For more information, visit www.netwrix.com.
Your questions and feedback are always welcome. Please dial our toll-free number: 888 - 638 - 9749, or enter your question details here and we will reply as soon as possible.
Erin Jones, Avista PR for Netwrix
Phone: 704 - 664 - 2170