Jerry Petersen
A recently released study titled “2024 Data Threat Report — Federal Edition” reveals that, in 2024, only 13 percent of federal agencies and organizations reported having suffered a data security breach over the preceding 12 months, a significant decline compared to 2021, when data breaches were reported by 47 percent of respondents, according to Gina Scinta, the deputy chief technology officer at Thales Trusted Cyber Technologies.
Government Policies to Enhance Cybersecurity
The study, commissioned by Thales and prepared by Standard & Poor, attributes this improvement in the cybersecurity landscape to a number of factors, including the issuance of multiple government directives like the Executive Order on Improving the Nation’s Cybersecurity in 2021 and the National Cybersecurity Strategy in 2023, Scinta said in a column published Wednesday on the Federal News Network.
The federal government has also made $13 billion worth of civilian cybersecurity-related investments part of its budget request for fiscal year 2025.
Existing & Emerging Cybersecurity Challenges
Despite these developments, the study notes an increase in cyberattack incidents, particularly malware, phishing and ransomware, as reported by nine out of 10 federal organization respondents. The study also notes growing risks stemming from emerging technologies like artificial intelligence, which is being experimented with by 27 percent of respondents, and which is expected to be integrated into the products and services of 31 percent of respondents over the next 12 months.
Another emerging technology of note is quantum computing, which is believed to be capable of overcoming traditional encryption techniques. Of the respondents that consider post-quantum cryptography to be a threat, 44 percent are looking into resilience contingency plans while 50 percent intend to prototype or evaluate PQC algorithms over the next two years.
Employing Best Practices
To address these issues, the study recommends that agencies employ data protection best practices like phishing-resistant multifactor authentication; the encryption of data at rest, in transit and in memory; the securing of cryptographic keys separately from encryption software; and the implementation of quantum-safe cryptography.
Scinta said these mitigation efforts are a challenge that require the cooperation of agencies and their vendors.
Register now to attend the Potomac Officers Club’s 2025 Cyber Summit, which will feature cyber experts, government decision makers and industry executives to explore innovative solutions for a secure and resilient public sector.
