“There are only two types of networks, those that have been compromised and those that are compromised without the operator’s awareness,” wrote James Scott, senior fellow at the Institute for Critical Infrastructure Technology, in a collection of essays on next-generation cyber defenses. The writers, ICIT fellows and industry security experts, voiced a common theme: Cyber threats continue to pervade government systems and no one solution is a cure-all.
The government sector is second only to the health care industry in system vulnerability and susceptibility to attack, based on total records breached, Scott wrote. In 2016, 36.6 million records were exposed, 13.9 million of which came from government systems.
Between 2010 and 2016, he said, federal and state agencies publicly disclosed 203 breaches, and there was a 40 percent increase in public-sector data breaches in 2016. Attackers exfiltrated personally identifiable information, such as names, birthdates and Social Security Numbers, as well as operational intelligence "that could be leveraged to impact the public, critical infrastructure, national security, or additional public and private sector organizations," Scott added.