Data and securityCyber SecurityHuman error ‘responsible for most local government data breaches’

Human error 'responsible for most local government data breaches'

Research finds there were 642 reported cases of data breaches within local government – second only to the health sector in volume

Most data breach incidents in local government were caused by human error, according to new research released by Egress Software Technologies.

Using data received from the Information Commissioner’s office, the software company found that there were 642 reported cases of data breaches within local government – second only to the health sector in volume.

Critically, the findings showed that the many of these incidents are attributed to human error, rather than external threat. The top-ranking incident types were:

  • Theft or loss of paperwork – 24 percent
  • [Other principle 7 failure] – 22 percent
  • Data faxed/posted to incorrect recipient – 19 percent
  • Data sent by email to incorrect recipient – 9 percent
  • Failure to redact data – 5 percent

Additional findings from the research included:

  • The courts and justice sector has experienced the most significant increase in incidents, a 290 percent hike since 2014, placing it in the top five worst affected industries by the last quarter of 2016.
  • Other significant increases can be seen in the central government and finance industries, with 33 percent and 44 percent increases, respectively.
  • The ‘human element’ – where internal staff have made mistakes – accounted for almost half of total data breach incidents: 44 percent October-December 2014, 43 percent 2015, 49 percent 2016.
  • Data shared in error is the single highest contributor to breaches year-on-year resulting from human error, annually, causing roughly one-third of incidents (31 percent 2014, 34 percent 2015, 31 percent 2016).

Tony Pepper, CEO and co-founder of Egress Software Technologies said: “We are all aware that security incidents are rising, but many may not suspect how large a proportion of these are down to error and lack of control over sensitive data.

“What the information from the ICO makes clear is that all businesses need to do more to better protect sensitive information. Meeting this challenge requires a combination of improved employee training and the communication of risks, and the deployment of the right technologies to minimise the number opportunities available for human error to take hold.”

Related Articles

Government announces projects to boost diversity in cyber security

Cyber Security Government announces projects to boost diversity in cyber security

3w Austin Clark
Learning, development and diversity will help close the cyber skills gap in 2019

Cyber Security Learning, development and diversity will help close the cyber skills gap in 2019

4w Simon Hember
Top public sector tech trends in 2019

Change Management Top public sector tech trends in 2019

1m Gary Flood
Microsoft aims to boost public sector cloud security through new guidance

Cloud Computing Microsoft aims to boost public sector cloud security through new guidance

1m Austin Clark
Infographic: Cyber Security in 2019

Cyber Security Infographic: Cyber Security in 2019

2m Austin Clark
Cyber security is about much more than technology

Cyber Security Cyber security is about much more than technology

2m Austin Clark
Q&A: How cyber security is changing in the public sector

Cyber Security Q&A: How cyber security is changing in the public sector

3m Austin Clark
NCSC defends UK from more than 10 cyber attacks a week

Cyber Security NCSC defends UK from more than 10 cyber attacks a week

4m Austin Clark