Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecuritySecurity NewswireCybersecurity News

Employee Apathy and Overconfidence Threatens Security of Public Sector Organizations

Cybersecurity Leadership Images
March 7, 2018

One-third of Government worker respondents to a Dtex study believe they are more likely to be struck by lightning than have their organizations' data compromised.

The report, “Uncovering the Gaps: Security Perceptions and Behaviors of Today’s Government Employees,” reveals a consistent pattern of negligence and disinterest in developing positive security habits as well as significant gaps in threat awareness and risk identification.

Against a backdrop of growing concerns of large-scale cyber attacks and a recent wave of high-profile breaches linked to insider threats, the data indicates a prevalence of risky and careless behavior among government employees surveyed. In aggregate, the results also signal a broad expectation among these employees that their organizations should – and will – assume the primary responsibility of protecting sensitive work data and devices.

Some of the most findings in the report are:

  • A tendency to deflect or shift personal responsibility when it comes to security. Almost half (48 percent) of the government employees surveyed think responsibility for securing organizational data and devices falls squarely on IT professionals, senior leadership and colleagues, with only 13 percent putting the onus on themselves as individuals.
  • An inclination to gravitate to one of two extremes – apathy or overconfidence. More than half of respondents (53 percent) believe that no matter what proactive measures they take, a hacker will find their way in. On the other side of the spectrum, 30 percent think they are more likely to be struck by lightning than have their organizations’ data compromised.
  • A desensitization to the high probability and potential dangers of data compromise. When looking at what government employees fear most, only 14 percent report being afraid of someone infiltrating their organization and stealing files, trailing far behind potential scenarios such as a government collapse or food poisoning, and ranking it just three percentage points higher than alien invasion.

“We’re all – as individuals, as organizations, and as a country - facing near-constant security attacks, whether from trusted insiders, malicious cyber criminals or nation-state actors,” said Christy Wyatt, CEO at Dtex Systems. “With the increasing regularity and broad scope of insider-related incidents and breaches, it has become critical that public sector organizations improve security protocols and double down on intelligence-based, user-centric technology investments. The ability to both monitor and develop a contextual understanding of user behavior in real time is critical – not just in detecting and mitigating insider threats, but in this case, ensuring the continued safety of our nation.”

Filling the Organizational Security Gaps: From Awareness to Action

Gaps in knowledge versus engagement: The prevailing attitudes of overconfidence and apathy may be to blame for what is a notable discrepancy among survey respondents in understanding what responsible security behavior looks like and actually engaging in that behavior. For example, an overwhelming percentage of respondents perceive responsible security habits such as using an encrypted file system or reporting a colleague’s risky behaviors as important (90 and 86 percent respectively.) But fewer than one in three reported having done either in the last 60 days.

Gaps in risk perception and identification: While there’s a demonstrable grasp on what constitutes a positive security habit, the data reveals a second gap – this one, educational – when it comes to identifying and avoiding what should typically be deemed irresponsible or risky behavior. Of the government employees surveyed, only one in three (31 percent) believe that accessing company files or a work email account on their personal devices poses a security risk – and less than half see emailing confidential data or bypassing security protocols as potentially dangerous activities.

“Insider threats are plaguing the nation’s government organizations, no matter their size or focus – from the White House to political campaigns to local department offices,” said Jeff Miller, Director of US Public Sector at Dtex. “Each government employee has the potential to create a vulnerability with a single decision or action. And when they fail to recognize their role as ‘insiders,’ the risk to the organization increases exponentially as a result. With complete visibility into user behavior, it’s possible to spot the inconsistencies that equate to potential risks, improve employee education by identifying teachable moments, and ultimately, minimize the chances of a catastrophic cyber attack.”

Gaps in insider threat education and understanding: A large portion of government employees with security clearance seem to grasp the significance of insider threats, with 42 percent noting that they themselves pose the greatest risk to the security of their organization. However, nearly the same number (40 percent) – less than half – were able to correctly identify “insider threat” as an IT term, with the remaining 60 percent incorrectly reporting it to be a military, financial, sports, engineering or medical term.   

At the same time, more than three-quarters of respondents (77 percent) are confident that their organization has an educational program about insider threats. But the demonstrated lack of a basic understanding of insider threats, compounded by negligent and risky behaviors, indicates a significant need for continued and improved education across the public sector, from the federal government to small local agencies.

www.dtexsystems.com/uncovering-the-gaps.

KEYWORDS: cyber security data security security risk mitigation

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Leadership and Management
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Enterprise Services
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Technologies & Solutions
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security camera

40,000 IoT Security Cameras Are Exposed Online

Fountain pen

Trump Administration Executive Order Changes Cybersecurity Policy

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

What do zebras, school groups and high-tech surveillance have in common? They're all part of a day’s work for the security team at the Toledo Zoo.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • cyber5-900px.jpg

    Cutting the Cost of Public Sector Cybercrime in 2018

    See More
  • cyber-data-protection-freepik456.jpg

    80% of organizations report employee abuse of access to business applications

    See More
  • green code on computer screen

    68% of organizations expect employee churn-driven cyber issues in 2023

    See More

Related Products

See More Products
  • 9780367259044.jpg

    Understanding Homeland Security: Foundations of Security Policy

  • surveillance.jpg

    Surveillance, Privacy and Public Space

  • Security of Information and Communication Networks

See More Products

Events

View AllSubmit An Event
  • April 23, 2025

    Employee Perceptions of Workplace Safety in 2025

    ON DEMAND: Workplace safety continues to be a critical concern in 2025, with employees across industries expressing growing concerns about their safety at work.
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing