Abstract

The number of US breaches reported publicly for all levels of government between 2005 and mid-2016 was 314 with at least 148,491,010 records (not individuals) compromised. In spite of a decade of work to break down bureaucratic silos between agencies, partly in support of eGovernment initiatives, the standard of care over digital assets is not uniform either vertically (at multiple layers of government) or horizontally (across government service or functional categories). Meanwhile, agencies are often dependent upon external contractors that may not follow best practices for information asset protection (e.g., contractors implicated in the successful exploit against the US ...