Thales 2017 Report: 96% Federal Workers Fear Data Breaches

Thales released in conjunction with analyst firm 451 Research its second annual data security research brief 2017 Thales Data Threat Report, Federal Edition. The report indicated that ninety six percent of federal workers consider themselves “very” or “extremely” vulnerable to data breaches. This number is higher than any other sector polled by the report.

Despite their high feeling of vulnerability, U.S. federal respondents are spending less on security than other sectors, although their spending is up three percent from last year. Fifty three percent of federal respondents cited tight budgets, lack of cyber expertise, and limited staff as the top reasons for data insecurity.

The need to adopt advanced technology like the cloud, Big Data, and loT has Federal workers feeling insecure, as 71 percent of federal respondents believe these technologies are being adopted without proper security in place.

“This ‘perfect storm’ of very old systems, tight budgets and being a prime cyber-crime target has created a stressful environment,” said Garrett Bekker, principal analyst for Information Security at 451 Research, who noted that these odds are generally not faced in the private sector.

“A major challenge in securing the far-flung systems in the U.S. federal government is the plethora of aging legacy systems still in place, with one example being a 53 year-old Strategic Automated Command and Control System at the Department of Defense that coordinates U.S. nuclear forces and uses 8-inch floppy disks,” said Bekker.

Encryption is cited in the report as the top data security control, with 60 percent of federal workers reporting that they’re using this to ensure data privacy. In general, given their high threat level, federal workers may have an overly rosy view of their security protocol compliance.

The Thales report offers the following recommendations to federal agencies that are looking to update to advanced technologies:
• They should deploy “security tool sets that offer services-based deployments, platforms and automation,”
• Discover and classify “the location of sensitive data within cloud, SaaS, big data, IoT and container environments,”
• Leverage “encryption and Bring Your Own Key (BYOK) technologies for all advanced technologies.”

In an interview with GovConWire, Wayne Lewandowski, Vice President of US Federal at Thales e-Security, likened data security to that of banks. Given the number of cyber-criminals and their constant targeting, it’s safe to say that there will be breaches — but the most important thing is to keep the criminals from the vault, or the most valuable data, by maintaining practices that keep data and information secure. The most sensitive data should be restricted to only those people that really need it, not open to all users, and in particular privileged users such as sysadmin or Root Users.

“The Thales Data Threat Report for US Public Sector demonstrates once again that federal agencies continue to be the largest target of any sector for criminal exploits. We are excited to partner with our government constituents to bring the recognized need for encryption, key management and policy controls to defend critical data,” Lewandowski told GovConWire.

You may also be interested in...

Tony Smeraglinolo

Executive Spotlight: Tony Smeraglinolo, CEO and Chairman of Sincerus Global Solutions

Tony Smeraglinolo, chairman and CEO of Sincerus Global Solutions, recently spoke with ExecutiveBiz regarding his return to the federal market, the decision to launch his new Sincerus, the company’s goals, potential growth and possible future. “We know that our success will be defined by superior customer service and satisfaction, meeting our commitments and creating impact during mission execution, he said.”

Dan Wilbricht

Executive Spotlight: Dan Wilbricht, VP of Americas Public Sector at Ivanti

Dan Wilbricht, vice president of Ivanti's public sector business in the Americas, recently spoke with ExecutiveBiz regarding the internal advancements of automation, cloud and managed services. He also discussed external technology initiatives, including Cybersecurity Maturity Model Certification (CMMC) and Certified Information Systems Auditor’s (CISA) Trusted Internet Connection (TIC) policy 3.0, and the potential future of the technology sector.

Scott Royal

Executive Spotlight: Scott Royal, PhD, President & CEO of Westat

Scott Royal, president and CEO of Westat, recently spoke with ExecutiveBiz regarding his appointment as CEO, his strategy for growing the company through leveraging research expertise and specialized IT capabilities, and his approach to dealing with the “new normal” in a COVID-19 world.