Federal Agencies Vulnerable to Security Threats, Study Says | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Federal Agencies Vulnerable to Security Threats, Study Says

October 17, 2013
by Rajiv Leventhal
| Reprints
Half of cyber security professionals say their agency is likely to be the victim of a denial-of-service attack in the next year

Government agencies often fail to take the user experience into account when deploying cyber security solutions, resulting in a variety of cyber threats including international cyber attacks, denial-of-service attacks, hackers, and data theft, according to a new study from MeriTalk, an Alexandria, Va.-based online community for government and healthcare IT issues.

According to the study—which was underwritten by the N.Y.-based Akamai Technologies—few federal cyber security professionals feel completely prepared for these threats. Seventy-four percent say they are not prepared for an international cyber attack, 74 percent say they are not prepared to support secure access for mobile devices, 70 percent are not prepared for a denial-of-service attack, and 70 percent are not prepared to secure cloud-computing environments. Prepared or not, these cyber attacks show no signs of slowing—half of cyber security professionals say their agency is likely to be the victim of a denial-of-service attack in the next 12 months.

As a result of the numerous cyber threats, cyber security professionals are focused on keeping data secure but fail to prioritize the user experience. Seventy-four percent of cyber security professionals say their top priority is preventing data theft, followed by ensuring a thorough web security strategy (56 percent), maintaining and upgrading security systems (55 percent), deploying the most up-to-date cyber security protocols (54 percent), and mitigating denial-of-service attacks (53 percent). Ensuring a user-friendly experience across all security applications comes in last on cyber security professionals’ list of priorities with only 40 percent reporting it as a top concern.

As security measures become less user-friendly, they also become less effective. Cyber security professionals estimate that almost half (49 percent) of all agency security breaches are caused by a lack of user compliance. These breaches are frequent with half of cyber security professionals reporting they witness a breach in their agency’s security policies at least once a week. According to cyber security professionals, the most challenging end user applications to secure are e-mail, external websites, and the internet from agency work stations. These are the same tools that more than 80 percent of end users rely on daily.

End users say cyber security measures hinder their productivity and as a result, admit to breaking protocol. Sixty-six percent of end users believe the security protocols at their agency are burdensome and time-consuming. Sixty-nine percent say at least some portion of their work takes longer than it should due to security measures. Nearly one in five end users can recall an instance where they were unable to complete a work assignment on time because of a security measure. As a result, 31 percent of end users say they use some kind of security work around at least once a week.

Despite frustrations, end users and cyber security professionals agree that cyber security should be a top priority for federal agencies. Ninety-five percent of cyber security professionals and end users agree that the deployment of cyber security measures is an absolute necessity to protect agencies from cyber threats such as data loss, data theft, and denial-of-service attacks. Almost all (98 percent) say keeping agency networks and data secure is everyone’s responsibility.

Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More

Topics

News

Trump will Nominate Acting VA Secretary Wilkie for Permanent Position

Just a day after the Department of Veterans Affairs (VA) and Cerner inked their $10 billion EHR (electronic health record) deal, President Trump said he would be nominating Acting VA Secretary Robert Wilkie for the permanent position.

ONC Names API Server Showdown Stage 2 Winner

The Office of the National Coordinator for Health Information Technology (ONC) has named 1UpHealth as the Stage 2 winner of the “Secure API Server Showdown” challenge.

EHNAC Developing Trusted Exchange Accreditation Program

To align with the Trusted Exchange Framework and Common Agreement, the Electronic Healthcare Network Accreditation Commission, a nonprofit standards development organization and accrediting body, is working with other organizations to establish a new Trusted Exchange Accreditation Program.

Lawmakers Demand New VA CIO, Citing “Malign Neglect” on EHR Project

A group of Democratic federal lawmakers, five senators and six members of Congress, are calling out the U.S. Department of Veterans Affairs (VA) for what they call “malign neglect” in the agency’s efforts to achieve electronic health record (EHR) modernization.

Medical Record Access Proves Costly for Some Patients, GAO Report Finds

Federal law requires healthcare providers to give patients access to their medical records, but according to a new GAO report, some patients believe they’re being charged too much to access their records.

Parkland’s Innovation Bridge Takes ‘Genius Bar’ Approach to Digital Health Apps

Taking inspiration from the Apple Genius Bar and Ochsner Health System’s O Bar, the Dallas-based Parkland Center for Clinical Innovation in collaboration with Parkland Health & Hospital System has opened an “Innovation Bridge” to assist patients with health-related apps.