Government agencies need to be at high alert in regards to data breaches, as they are one of the most common targets of cyber criminals (the South Carolina Department of Revenue learned this the hard way earlier this year). According to the Privacy Rights Clearinghouse, government and military organizations allowed more than 4.7 million records to be exposed as a result of data breaches last year. However, one new study indicated that if a federal agency really wanted to take cybersecurity seriously, it would put some focus on securing its email system.
Government IT network provider MeriTalk released the results of recent study in October which showed that email was the most common way in which data leaked from an agency. Even though 79 percent of cybersecurity professionals within the U.S. government listed email security as a top priority, only about 25 percent of federal respondents thought their layered security system was top of the line.
Considering how many emails U.S. government workers send and receive, this could mean agencies are losing sensitive information on a regular basis. MeriTalk reported that a single federal agency receives and transmits approximately 47.3 million emails daily, while estimates for the entire U.S. government put the number of daily email correspondences at around 1.89 billion emails.
To combat leaks, encrypt emails
While there are multiple methods government agencies can use to protect sensitive data and communications from being leaked, one of the most effective methods is through encryption. However, the MeriTalk report found that most central government communications in the U.S. are unencrypted.
The study found that implementation was more often than not an issue, as opposed to lacking data security technology. After all, 83 percent of U.S. federal agencies allow their workers to encrypt emails, and 58 percent of federal IT professionals said that encryption was one of the best methods for preventing a data breach.
However, more often than not agencies and employees simply are not taking the time needed to keep email communications safe. According to the MeriTalk report, 45 percent of the organizations polled said that employees do not follow mandated guidelines, and 29 percent said a lack of proper training was at fault for lackluster cybersecurity implementation.
Is encryption the answer for addressing the subpar email security present with U.S. government email services, or would strategies such as application control be better at preventing the occurrence of data leaks? Leave your comments below to let us know what you think about the report’s findings!