A government’s core role is to protect and enhance the lives of its citizens. It must deliver services to create and sustain a robust and efficient public infrastructure, ensure public safety, foster sustainable economic growth and build stronger communities. Those tasks bring many challenges, but the overriding requirement of security is common to them all. Without it, no government in the world can perform its role. Security is always a prerequisite.
A Growing Global Concern
IBM’s “2016 Cyber Security Intelligence Index” reported that in 2015, the government sector advanced from sixth place to fourth place among most frequently attacked industries. According to the U.S. Government Accountability Office, cyberattacks against the U.S. government were up 1,300 percent since 2006.
Globally in 2015, IBM Managed Security Services (MSS) observed a 36 percent increase in security incidents affecting the average government client organization. A security incident — an attack or event that has been reviewed by security analysts and deemed worthy of deeper investigation — is the most serious of IBM MSS data classifications. That figure wasn’t as high as the 64 percent rise we observed in the average client company across all industries, but it was certainly significant.
Coupled with reports of massive government breaches in 2016, these findings underscored a need to draw attention to threats targeting governments. Most notably, over 93 million records containing Mexican voter data were exposed due to an improperly secured public-facing cloud database. Leaked data included names, parent names, voter identification numbers, addresses, dates of birth and other sensitive information.
Top Threats to the Government Sector
IBM Security found newer threats such as Shellshock plaguing government organizations. It also observed older, tried-and-true threats, such as SQL injection and buffer manipulation, still prevalent across incidents on government networks.
These insights and more can be found in the recently released IBM Report, “The Changing Face of IT Security in the Government Sector.”