Local government saw a 20% decrease in data breaches between 2014 and 2016, a Freedom of Information request has revealed.
Figures obtained by supplier Egress Software Technologies show that while data breaches are on the rise in the private sector, the public sector has had fewer breaches.
In addition to the 20% drop in local government breaches since 2013-14, there was a 5% reduction in education breaches.
“This is great news and it is good to see some evidence of a potential turn in the tide,” said Tony Pepper, chief executive of Egress Software. “However, healthcare is still by far the biggest data breach culprit, and the number of breaches has risen by 13% over the past three years. So there is still some way to go.”
The healthcare sector, according to information released by the Information Commissioner’s Office, saw 184 total breaches between January and March 2016.
According to Egress, human error is still the biggest information security risk facing organisations, causing 62% of all data breaches.
Egress chief executive Tony Pepper said: “Human error and data breach incidents continue to go hand-in-hand.
“Time and again we’re faced with this reality and yet as today’s statistics show, little effective action seems to have been taken to improve the situation.”
“The fact that so many breaches are caused by methods of working that are known data breach pitfalls – such as faxing and posting sensitive information, or using plaintext email – should be a major concern for all organisations.”
Insecure webpages and hacking together accounted for only 9% of breaches across all sectors.
The figures also revealed that the courts and justice sector saw the biggest increase in data breaches at 500%.
All sectors, including the private sector, are suffering an increasing number of breaches – with 66% of businesses suffering a rise over three years.
Pepper also said that organisations need to get their acts together on data security before the introduction of the EU General Data Protection Regulation (GDPR) in 2018.
This is set to increase monetary penalties for organisations found to have been in breach of the legislation.
Pepper said: “It is worth noting as well that public sector organisations won’t escape from the remit of the new legislation either.
“For example, although not reporting such a dramatic rise in the number of data breaches as some corporate organisations, the healthcare sector remains a serial offender at the top of the list year-on-year.
“Consequently, with the EU GDPR carrying serious implications for organisations across all industries, today’s statistics prove that changes must be made to improve the track record for data breach incidents these organisations are experiencing and help them to secure their data from start to finish.”
This article was amended on 2 June following Egress Software issuing a correction in its analysis of the FOI data. It originally said that there had been a 20% rise in local government breaches.