December 7, 2016 By Michelle Alvarez 2 min read

A government’s core role is to protect and enhance the lives of its citizens. It must deliver services to create and sustain a robust and efficient public infrastructure, ensure public safety, foster sustainable economic growth and build stronger communities. Those tasks bring many challenges, but the overriding requirement of security is common to them all. Without it, no government in the world can perform its role. Security is always a prerequisite.

A Growing Global Concern

IBM’s “2016 Cyber Security Intelligence Index” reported that in 2015, the government sector advanced from sixth place to fourth place among most frequently attacked industries. According to the U.S. Government Accountability Office, cyberattacks against the U.S. government were up 1,300 percent since 2006.

Globally in 2015, IBM Managed Security Services (MSS) observed a 36 percent increase in security incidents affecting the average government client organization. A security incident — an attack or event that has been reviewed by security analysts and deemed worthy of deeper investigation — is the most serious of IBM MSS data classifications. That figure wasn’t as high as the 64 percent rise we observed in the average client company across all industries, but it was certainly significant.

Learn more about information security in the government sector

Coupled with reports of massive government breaches in 2016, these findings underscored a need to draw attention to threats targeting governments. Most notably, over 93 million records containing Mexican voter data were exposed due to an improperly secured public-facing cloud database. Leaked data included names, parent names, voter identification numbers, addresses, dates of birth and other sensitive information.

Top Threats to the Government Sector

IBM Security found newer threats such as Shellshock plaguing government organizations. It also observed older, tried-and-true threats, such as SQL injection and buffer manipulation, still prevalent across incidents on government networks.

These insights and more can be found in the recently released IBM Report, “The Changing Face of IT Security in the Government Sector.”

More from Government

NIST’s security transformation: How to keep up

4 min read - One thing that came out of the pandemic years was a stronger push toward an organization-wide digital transformation. Working remotely forced companies to integrate digital technologies, ranging from cloud computing services to AI/ML, across business operations to allow workers to keep up high production and efficiency standards. Now that businesses and consumers have adjusted to the new normal of digital transformation, it is time to develop a security transformation strategy. Coping with the speed of change A constantly evolving tech…

Cyber experts applaud the new White House cybersecurity plan

4 min read - First, there was a strategy. Now, there’s a plan. The Biden Administration recently released its plan for implementing the highly anticipated national cybersecurity strategy published in March. The new National Cybersecurity Strategy Implementation Plan (NCSIP) lays out specific deadlines and responsibilities for the White House’s vision for cybersecurity. The plan is being managed by the White House’s Office of the National Cyber Director (ONCD). Cybersecurity experts have applauded the Administration’s plan as well as the new implementation calendar. For example,…

How the FBI Fights Back Against Worldwide Cyberattacks

5 min read - In the worldwide battle against malicious cyberattacks, there is no organization more central to the fight than the Federal Bureau of Investigation (FBI). And recent years have proven that the bureau still has some surprises up its sleeve. In early May, the U.S. Department of Justice announced the conclusion of a U.S. government operation called MEDUSA. The operation disrupted a global peer-to-peer network of computers compromised by malware called Snake. Attributed to a unit of the Russian government Security Service,…

How NIST Cybersecurity Framework 2.0 Tackles Risk Management

4 min read - The NIST Cybersecurity Framework 2.0 (CSF) is moving into its final stages before its 2024 implementation. After the public discussion period to inform decisions for the framework closed in May, it’s time to learn more about what to expect from the changes to the guidelines. The updated CSF is being aligned with the Biden Administration’s National Cybersecurity Strategy, according to Cherilyn Pascoe, senior technology policy advisor with NIST, at the 2023 RSA Conference. This sets up the new CSF to…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today