Data and securityCyber SecurityHuman error ‘responsible for most local government data breaches’

Human error 'responsible for most local government data breaches'

Research finds there were 642 reported cases of data breaches within local government – second only to the health sector in volume

Most data breach incidents in local government were caused by human error, according to new research released by Egress Software Technologies.

Using data received from the Information Commissioner’s office, the software company found that there were 642 reported cases of data breaches within local government – second only to the health sector in volume.

Critically, the findings showed that the many of these incidents are attributed to human error, rather than external threat. The top-ranking incident types were:

  • Theft or loss of paperwork – 24 percent
  • [Other principle 7 failure] – 22 percent
  • Data faxed/posted to incorrect recipient – 19 percent
  • Data sent by email to incorrect recipient – 9 percent
  • Failure to redact data – 5 percent

Additional findings from the research included:

  • The courts and justice sector has experienced the most significant increase in incidents, a 290 percent hike since 2014, placing it in the top five worst affected industries by the last quarter of 2016.
  • Other significant increases can be seen in the central government and finance industries, with 33 percent and 44 percent increases, respectively.
  • The ‘human element’ – where internal staff have made mistakes – accounted for almost half of total data breach incidents: 44 percent October-December 2014, 43 percent 2015, 49 percent 2016.
  • Data shared in error is the single highest contributor to breaches year-on-year resulting from human error, annually, causing roughly one-third of incidents (31 percent 2014, 34 percent 2015, 31 percent 2016).

Tony Pepper, CEO and co-founder of Egress Software Technologies said: “We are all aware that security incidents are rising, but many may not suspect how large a proportion of these are down to error and lack of control over sensitive data.

“What the information from the ICO makes clear is that all businesses need to do more to better protect sensitive information. Meeting this challenge requires a combination of improved employee training and the communication of risks, and the deployment of the right technologies to minimise the number opportunities available for human error to take hold.”

Related Articles

Secure in the cloud

Cloud Computing Secure in the cloud

2h Guest Writer
Six top security and risk management trends revealed

Cyber Security Six top security and risk management trends revealed

1w Austin Clark
DDoS Defence Demands a Hybrid Approach

Cyber Security DDoS Defence Demands a Hybrid Approach

2w Guest Writer
NHS Digital joins forces with IBM to beef up NHS cyber security

Cyber Security NHS Digital joins forces with IBM to beef up NHS cyber security

2w Austin Clark
HMRC storing voice ID data 'without consent'

Cyber Security HMRC storing voice ID data 'without consent'

3w Austin Clark
Government’s rapid cloud adoption lacks security (Infographic)

Cloud Computing Government’s rapid cloud adoption lacks security (Infographic)

1m Austin Clark
Combatting the cyber security skills crisis: Retraining could help public sector digital transformation

Cyber Security Combatting the cyber security skills crisis: Retraining could help public sector digital transformation

1m Guest Writer
The need for a strategic approach to cyber security purchasing

Cyber Security The need for a strategic approach to cyber security purchasing

2m Guest Writer