Sunday, October 17, 2021

Fines Less of a Concern than Reputational Damage for Public Sector Security

Must Read

GoDaddy has confirmed that workers became embroiled in broader cryptocurrency attacks.

GoDaddy workers were exploited to ease attacks on multiple cryptocurrency exchanges through social engineering and phishing.Staff in the domain...

Smart Doorbells Are Open to Various Security Flaws

A consumer rights group has discovered security vulnerabilities from 11 popular smart doorbell products on just two of the...

Twitter hires hacker ‘Mudge’ as its head of security

Twitter has been facing cybersecurity-related concerns lately. To that end, the social media giant has appointed one of the...

In a survey of 250 UK public sector professionals working in cybersecurity, risk, and data protection by Zivver, 52% of all respondents cited reputational damage as their biggest challenge about outbound secure communications.

This was followed by preventing data leaks (50%) and employee awareness of security (49%). Meanwhile, fines were deemed a lesser concern at 19%.

Speaking to Infosecurity, Rick Goud, CIO and co-founder of Zivver, said while the fines issued to BA and Ticketmaster put the topic more top of mind, “I don’t think the fear of fines is what will drive change.”

He added: “In the Netherlands, for example, the country with the highest adoption of email data protection solutions, fines hardly exist.

Adoption will increase with higher awareness, which is enforced by media attention, public interest, independent research, and awareness campaigns. So I see fines as a way to increase awareness, not increase fear.”

Regarding COVID-19’s impact on the security of outbound communications in public sector organizations, around one in three of all respondents said the pandemic brings additional vulnerabilities requiring ongoing security changes.

Further reflecting the high levels of uncertainty, especially by those at the top, 43% of IT leaders in the local government said their organization was less secure as a result of COVID-19.

In terms of data leak frequency, 82% of respondents said their organization had experienced at least one data leak in the past 12 months, while 73% stated they had suffered three or more.

Asked how much he thought this was due to greater remote working and the likelihood of security mistakes being made as a result, Goud said: “Stakeholders report an increase of data leaks since having a remote workforce, which is a logical consequence of two things.

Firstly, any change will lead to people making more mistakes, because change is one of the most difficult things for people, inevitably resulting in errors.

Secondly, additional data leaks will occur because, with a remote workforce, people have to increasingly rely on ways of communicating that was not built for security, like email and popular (free) SAAS-tools for sharing files, sending out questionnaires, etc.

“The latter, especially, is a problem that organizations increasingly recognize and are looking to fix by putting solutions in place that enhance and secure digital communication, knowing that the old way of working will not fully return.”

Goud claimed the findings of this survey indicate an urgent need for public sector organizations to review and update current security practices, requiring technology that is simple to introduce and use to avoid disruption to employees’ productivity.

Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.

Leave a reply

Please enter your comment!
Please enter your name here

Latest News

Unified endpoint management automation software to boost endpoint security

Endpoints are constantly connected to the internet, so they offer a gateway for cyberattacks. Endpoint security is simply the process...

Attackers Using Morse Code in phishing campaign to Evade Detection

Microsoft on Thursday revealed the techniques used by attackers to avoid detection using morse code in the phishing campaign.Microsoft also revealed the workings of...

Murata Manufacturing suffers data breach of employees and customer

Japanese electronic components manufacturer Murata has released an apology Notice for the data breach of thousands of files in June that contained bank account...

Everything about Signalling System 7(SS7)

Signaling System 7 (SS7) is an international telecommunication protocol standard that controls and regulates the network elements in a public switched telephone network (PSTN)....

Zimbra flaw lets attackers access the mail servers

Researchers discovered a flaw in the open-source Zimbra code. As a result, an attacker would gain unrestricted access to all sent and received emails...

More Articles Like This