Published on PublicTechnology.net (https://www.publictechnology.net)

Home > 'More than half' of security breaches in public sector caused by human error

'More than half' of security breaches in public sector caused by human error

Written by Rene Millman on 4 February 2016 in News
News

A new report has found that more than half of data breaches in the UK public sector are caused by human error.

The study, commissioned by 8Man and carried out by Govnewsdirect, found that 55% of all security breaches originate from someone with access to systems. The report said that data loss can be malicious but more often than not, it is accidental or the result of human error.

The report questioned around 600 respondents in public sector organisations and local authorities at the end of last year. Over two-thirds (68%) belonged to local authorities, healthcare and education; 28%  of respondents were either at director or C-suite level, and 20% had either 'information' or 'IT' in their job title.

Nearly two-thirds (65%) had serious concerns regarding data security within their organisation with ‘errors by staff’ and ‘simple loss of data’ being the most pressing.

Perhaps, surprisingly, ‘denial of services by hackers’ was of least concern to those surveyed.

Related content

Councils [1] face intensified ransomware threat [1]
Lincolnshire staff restore systems following ransomware attack [2]

 

The report found that data loss through internal access was most readily explained because the extent of data being owned by multiple stakeholders and users. Over four-in-ten (42%) believed there were more than 10 other data owners in their organisation.

The research was carried out in order to help public sector organisations gauge themselves against other organisations as the new General Data Protection Regulation (GDPR) across the 28 European Union member countries comes into force.

“Whilst no questions specifically relate to the new EU legislation, this reform needs to be the focus for all data protection managers and data owners,” said the report’s authors.

The GDPR will strengthen the rights of all EU citizens to ensure that their data is properly secured and not subject to loss, illegal use or transfer to third parties.

“The scale of the fines being considered, for the most serious cases of data breach or mismanagement, are so significant that it will change data protection from being an IT issue to also becoming a concern for directors. Although the fines may be substantial, they will be minor compared to the loss of business reputation,” the report added.

Tags
Cybersecurity [3]
Data [4]
#block-views-events-popup-block{ position: fixed; bottom: -30px; padding: 25px 22px; width: 360px; max-width: calc(100% - 30px); text-align: center; border-radius: 0 4px 0 0; color: #fff; background: rgb(0, 170, 200) none repeat scroll 0% 0%; -ms-transform: translateY(100%); -webkit-transform: translateY(100%); transform: translateY(100%); -webkit-transition: all .35s ease-in-out; transition: all .35s ease-in-out; z-index: 2; } #block-views-events-popup-block.show{ bottom:10px; transform:none; -webkit-transform:none; } #block-views-events-popup-block a.btn.btn--outlineWhite { border-color: #fff; color: #fff; background: transparent; } #block-views-events-popup-block .events-popup-close{ position: absolute; cursor: pointer; top: -30px; left: 0; height: 32px; padding: 7px 20px; border-radius: 4px 4px 0 0; color: #fff; background: rgb(0, 170, 200) none repeat scroll 0% 0%; font-size: 13px; } #block-views-events-popup-block .events-popup-close .icon--events-popupClose{ padding-left: 10px; font-family: inherit !important; } #block-views-events-popup-block .icon--events-popupClose:before { content: ''; width: 12px; height: 12px; margin: -1px 7px 0 0; background: url(https://www.publictechnology.net/sites/www.publictechnology.net/themes/pubtech_override/img/close-thin.svg) center no-repeat; background-size: 10px; vertical-align: middle; position: absolute; left: 10px; top: 10px; } #block-views-events-popup-block .views-field.views-field-nid .field-content{ display:none; }

jQuery(window).load(function() { if(jQuery('#event-popup-nid').length){ var eventId = jQuery('#event-popup-nid').text(); jQuery.cookie('eventPageId',eventId); var countCurrentValue = parseInt(jQuery.cookie('countCurrentName')) || 1; var combinedValueValue = eventId+'-'+countCurrentValue; var countCurrentValue = parseInt(jQuery.cookie('countCurrentName')) || 1; jQuery.cookie('combinedValueName',combinedValueValue); const result = combinedValueValue.split('-'); if( result[1] <= 3 ) { jQuery('section#block-views-events-popup-block').addClass('show'); countCurrentValue = parseInt(result[1]) + 1; jQuery.cookie('countCurrentName',countCurrentValue); combinedValueValue = eventId+'-'+countCurrentValue; jQuery.cookie('combinedValueName',combinedValueValue); } jQuery('.events-popup-close').click(function(){ jQuery('section#block-views-events-popup-block').removeClass('show'); }); } });

(function(e,t,o,n,p,r,i){e.visitorGlobalObjectAlias=n;e[e.visitorGlobalObjectAlias]=e[e.visitorGlobalObjectAlias]||function(){(e[e.visitorGlobalObjectAlias].q=e[e.visitorGlobalObjectAlias].q||[]).push(arguments)};e[e.visitorGlobalObjectAlias].l=(new Date).getTime();r=t.createElement("script");r.src=o;r.async=true;i=t.getElementsByTagName("script")[0];i.parentNode.insertBefore(r,i)})(window,document,"https://diffuser-cdn.app-us1.com/diffuser/diffuser.js","vgo"); vgo('setAccount', '253344499'); vgo('setTrackByDefault', true); vgo('process');
Close
Sign up for our free daily newsletter
6472
Source URL: https://www.publictechnology.net/articles/news/more-half-security-breaches-public-sector-caused-human-error

Links
[1] https://www.publictechnology.net/articles/news/councils-face-intensified-ransomware-threat
[2] https://www.publictechnology.net/articles/news/lincolnshire-staff-restore-systems-following-ransomware-attack
[3] https://www.publictechnology.net/tags/cybersecurity
[4] https://www.publictechnology.net/tags/data