Can you trust the US Government with your data?

Since 2014, the US government has suffered 822 breaches affecting nearly 175 million records. Based on the average cost per breached record (as reported by IBM each year), Comparitech estimate these breaches have cost government entities over $26 billion from 2014 to October 2022.

In 2018 and 2019, the number of government breaches hit an all-time high with 116 and 118 breaches respectively. In 2020, breaches decreased to 107 before increasing again to 116 in 2021. So far this year, there have been 61 data breaches affecting 2.9 million people.

The amount of records affected during these data breaches has reduced significantly in the last few years. 2018 saw a colossal 83 million breached records. They mainly stemmed from one breach on the US Postal Service, affecting 60 million records. In 2019, this figure dropped to 1.4 million before hovering around the 3 million mark for the next three years.

Over the last four years, the average number of records involved per government data breach has increased. From 17,400 in 2019 to 42,097 in 2020 and 40,440 in 2021, the average number of records affected per breach in 2022 currently stands at 71,534. While the frequency of attacks may have declined, the impact of individual attacks has increased. The true extent of breaches often isn’t felt for months, if not years, so the average number of records affected per breach for this year could increase even further yet

Key findings include: 

From 2014 to October 2022:

  • 822 government entities suffered data breaches
  • 174,963,934 records were affected because of these breaches
  • The cost of these affected records was $26 billion
  • 2019 was the biggest year for breaches with 118 in total, followed closely by 2018 and 2021–both with 116
  • 2018 had the highest number of records affected– 83,293,815 in total
  • California had the most breaches overall (108) and the District of Columbia had the highest number of records affected overall (91.2 million). DC’s vast number of affected records stems from many government offices being based here
  • The most common type of breach was hacking with 256 breaches. Those involving inadvertent disclosure were the second-largest breach type with 192 breaches
  • Cities/towns were the most-affected government entity type from 2019 to Oct 2022 with 124 breached, while counties were breached 56 times during the same time period

From the start of 2014 to October 2022, data breaches have approximately cost US government organisations over $26 billion.

While this figure sounds relatively high for these 822 data breaches, the true costs are likely much higher. This is not just because of all of the other costs involved in a data breach (e.g. recovery costs and ransom payments) but because some figures are unavailable for the number of records involved in these breaches.

The post Can you trust the US Government with your data? appeared first on IT Security Guru.

Edinburgh’s Adarma partners with The Princes Trust to support inclusivity in cybersecurity

Adarma, the UK’s largest independent cyber threat management company, has today announced a new partnership with The Prince’s Trust to launch a ‘Get Started in Cybersecurity’ programme aimed at empowering individuals between the ages of 21 and 30 with cyber skills training and driving greater inclusivity within the industry.

Adarma’s CEO, John Maynard, will join the Trust’s Technology Leadership Group and sit alongside representative members of over 50 companies, including Deloitte, Cognizant, Google and AWS, to offer support through fundraising and volunteering expertise.

The cyber skills shortage has long been a sticking point for the industry. According to a survey by the Information Systems Security Association (ISSA) and Enterprise Strategy Group (ESG) in 2021, over three quarters (76%) of respondents are finding it extremely or somewhat difficult to recruit and hire security professionals. Moreover, 95% believe that the skills shortage has not improved over the last few years, while 44% assert it has only worsened. Adarma endeavours to be a part of the solution to this ongoing concern by inspiring and nurturing a vast, and frequently overlooked, pool of talent. Central to Adarma’s purpose is to make the route into cyber more accessible for neurodivergent communities and individuals from disadvantaged backgrounds.

Get Started in Cybersecurity is a 2-week programme offering a mix of classroom and on-the-job learning opportunities aimed at giving the participants an understanding of the cybersecurity industry. This comprehensive programme will cover various aspects of cybersecurity, including common industry language, the digital security challenges businesses face, and the technology and solutions that enable businesses to protect their networks from attackers. While the Prince’s Trust will lead recruitment for the programme and provide pastoral support, Adarma will ensure cyber industry experts are on hand to deliver content and to share experiences. They will also establish apprenticeships within the company and across their wider partner network, allowing participants to realise a career in the field.

The long-term ambition is to develop a bespoke three-month “Get into Cybersecurity” employability programme, which will upskill diverse talent into live vacancies. Finally, Adarma will also advise and support The Prince’s Trust, as required, on a programme of work to strengthen the charity’s cybersecurity posture in today’s intensified threat landscape.

We are delighted to partner with Adarma” said Julia Beaumont, Chief Technology Officer of The Prince’s Trust. “Adarma’s passion for solving cybersecurity challenges in the real world aligns with the ambitions of The Prince’s Trust to ensure that every young person should have the chance to embrace exciting opportunities. Cybersecurity is central to our own digital transformation here at The Prince’s Trust and Adarma’s help will be invaluable. 

“We believe that the cyber skills gap and the lack of diversity and inclusion within the cybersecurity industry is a self-inflicted issue as we have collectively failed to tap into whole segments of young people who have the capability and potential to make great contributions to the industry and, as an industry, we have created a number of barriers to awareness and entry into the field of cybersecurity,” said John Maynard, CEO of Adarma.

Joanne Gilhooley, CMO of Adarma added, “We have long believed in the power of driving diversity, equity, and inclusion into the cyber skills market, and this is one avenue that we are delighted to explore. The Get Started in Cybersecurity program from Adarma is an opening up of the industry for many young individuals that had not previously considered cybersecurity as a career. We are excited to see these young people reach their full potential and the positive impact they will have on the industry. I’m proud of the company for taking part in this initiative and leading the way for more diversity and inclusivity.”

We are very excited to launch this first of its kind development program and are honoured to have Adarma on-board to help us, not only to advance our cybersecurity defences, but volunteer their time and expertise to open up the world of cybersecurity to young people across the UK,” said Craig Wilson, Senior Head of Delivery at The Prince’s Trust.

We work with young people from all walks of life, many of whom come from disadvantaged backgrounds. This partnership will do wonders to instil confidence as well as providing the tools for participants to excel in an industry that has otherwise been illusive and closed off to them. We believe ‘Get Started in Cybersecurity’ is a positive step towards making careers in cyber more accessible

The post Edinburgh’s Adarma partners with The Princes Trust to support inclusivity in cybersecurity appeared first on IT Security Guru.