When it comes to using the latest and greatest cybersecurity technology, universities and government agencies have always lagged behind their private-sector counterparts. The federal government first released the cybersecurity risk determination report in 2018 and found 74% of universities and government agencies belonged to “at risk” and “high risk” categories. In the last four years, things haven’t changed much. IBM’s Cost of a Data Breach study reports that public sector data breaches cost about $2.07 million each in 2022.
It’s easy to understand why government agencies are one of the favorite targets of cybercriminals. Local organizations store a huge amount of infrastructure and civilian data that attracts hackers and large-scale espionage backed by state-sponsored criminals. A Comparitech study shows that ransomware attacks have affected over 230 million people in the last four years alone.
Examples of Biggest Data Breaches
Government agencies have a long and embarrassing history of data breaches. However, some attacks were more devastating than others.
1. The Virginia Department of Health Professions (2009)
In 2009, the Virginia government’s prescription monitoring website was hacked by a criminal, and the Department of Health Professions (DHP) was shut down for days. The hacker stole data from about 8.3 million patients and 35 million prescriptions. After making an encrypted backup of the website, the hacker erased everything else and demanded a $10 million ransom for the encryption key. The officials refused to comply but luckily there’s no proof of the hacker selling the data to third parties. Since the website monitored drug abuse and patient usage patterns, it risked mass identity theft attacks.
2. Georgia Secretary of State Office (2015)
Back in 2015, the Georgia Secretary of State Office used to mail CDs containing state voter details requested by the press and political parties. However, on a fine December day, the CDs mailed to 12 recipients contained more than voter names, addresses, race, and gender; they also contained birthdays, driver’s license numbers, and social security numbers. When one of the recipients identified the error and notified the office, it gave birth to a highly publicized #PeachGate saga. Almost all Georgia voters (6.1 million) were affected by the data breach, leading to multiple lawsuits, free credit monitoring programs for victims, and the firing of a system programmer.
3. The Office of the Texas Attorney General (2012)
In 2012, the state of Texas was embroiled in a case regarding voter ID laws. After being ordered to send a voter database to plaintiff attorneys for analysis, the Attorney General’s office accidentally sent a database of 13 million voters containing the social security numbers of 6.5 million Texans. The lawyers, after stumbling upon exposed SSNs, informed the office and a major cyberattack was averted. To date, this is one of the biggest government data breaches triggered by gross negligence.
How Can A University Reduce the Risk of a Data Breach?
Data breaches not only compromise sensitive data but also erode the public trust in institutions. As the Georgia and Texas incidents show, government offices need to have better documentation and security hygiene. If you’re a chief information officer (CIO) in a state or local government office, here are a few ways you can strengthen security at your organization:
1. Address employee liability
As the U.S. voter database leak suggests, employees without proper cybersecurity training can become a major liability. Train your staff to detect phishing attempts, find malware and respond to other socially engineered attacks. They must be aware of the pitfalls of data breaches and adhere to the security guidelines for device access and data handling. Holding frequent training sessions and keeping staff updated on new trends can help employees stay on top of their game and alert authorities if an attack is detected.
2. Implement encryption
Data encryption has become a buzzword in cybersecurity, so it’s important to sift through the noise and implement it strategically. Government agencies must encrypt data both in transit and at rest. Since modern data management emphasizes real-time visibility and tracking, encryption may restrict that. On top of that, encrypting and decrypting data with keys consumes time. Agencies must chalk out plans to identify levels of encryption, back up databases with encryption, and regularly change keys for secure transmission of data.
3. Establish clear cyber security policies
Security documentation not only helps everyone stay organized but also mitigates the damage in case of a data breach. Government agencies should implement detailed, concise, and effective SOPs for cybersecurity and have them revised frequently to stay up to date with new developments.
4. Regular updates of software
A basic security best practice that can shield against most cyberattacks: agencies must update devices, operating systems, applications and extensions, firewalls, VPNs, and firmware as soon as software updates are available. Vendors push security patches to improve device integrity and thwart zero-day exploits, so staff must be trained to install updates regularly.
5. Implement security monitoring solutions
Along with maintaining documentation and training staff to follow protocols, it’s important to use security tools to maintain cyber hygiene. Network security monitoring solutions, for instance, can proactively identify data leaks, alert users, and suggest remedies. Most security monitoring tools work 24/7 to offset downtime risks and offer intuitive dashboards for users to take immediate action.
6. Comply with PII regulations
The rise in identity theft hints that most organizations are not prepared to process sensitive personal data by keeping privacy in mind. When you comply with PII (personally identifiable information) regulations, you not only protect users but also organizations from lawsuits. Industries such as healthcare and the financial sector must follow HIPAA and PCI DSS respectively, while region-specific regulations such as CCPA in California and the GDPR in the EU must be considered as well.
7. Create a cyberattack response plan
Staying secure also means knowing how to respond if a cyberattack does occur. Government offices are often overwhelmed during a security crisis, and this is where risk management checklists come into the picture. Identify affected devices, isolate them from the network and assess them for recovery. Alternatively, collect relevant logs and system images and inform compromised parties immediately. Contingency data protection plans give you the best chance to restrict damages and recover lost data quickly.
8. Introduce Email Authentication
To reduce the risk of data breaches, government agencies should introduce email authentication standards like DMARC into their email security compliance plan. The Cybersecurity and Infrastructure Security Agency (CISA) recommends DMARC for ransomware protection and email information security. The FBI’s Internet Crime Report (2020 and 2021) highlighted the risk of information compromise through email, along with recommendations for configuring email authentication protocols at organizations on every level.
Data security is a work in progress and local departments have a lot to cover in a short time. Given the way ransomware attacks are being carried out by enemy states, government agencies need to bolster their security protocols and protect public interests. The above steps should be a great way to start the process.
The post How To Reduce The Risk Of Data Breaches For Universities & Government 2023 appeared first on Datafloq.