Data breaches at federal agencies involving personally identifiable information (PII) have been on a steady incline for the past several years. Knowing the ongoing struggles that agencies have with data security, the Federal government is taking steps to hire contractors to deal with future data breach fallout.
According to an article on the NationalJournal, the federal government is expecting to spend at least $500 Million on data breaches in the next 5 years. Knowing that data breaches are a reality, the government is currently bidding for data breach response and protection services, government-wide, instead of reacting with one-off contracts after a data breach occurs. The plan is to hire multiple contractors to have many teams ready when needed.
Even the best prepared organizations will suffer data breaches, so this proactive approach to data breach response shows a responsible level of security planning. "It signals an end to the 'It will never happen here because we have good IT teams' syndrome," said Costis Toregas, associate director of the Cyber Security Policy and Research Institute at George Washington University.
The risk of data breaches is higher than ever. With trends such as mobility and the cloud impacting how government employees and stakeholders access and use data, governments now face major challenges balancing data security and control with end-user flexibility and productivity. While we applaud the federal government for having a data breach response plan in place for all agencies, the onus is still on each agency to take preventative measures to protect critical information.
At Absolute, we advocate for a three-pronged approach to protecting data, including a data security policy that is clear and accessible; data security training across the board that is relevant and understandable; and layers of data protection technology in place that protect data wherever it resides and is moved to. To address the big picture issues like data security and workforce mobility, technology needs to be put in place that will restrict and monitor how data is used and accessed, no matter where it resides. Government organizations around the world rely on Absolute for endpoint security and data risk management solutions. Learn more about how Absolute can help here.