Industry Brief

Local Government: 2023 Sensitive Content Communications Privacy and Compliance

Industry Findings and Takeaways


Communication Tools in Use








Less than 4

Average Annual Budget for Communication Tools




$350,000 – $499,999


$250,000 – $349,999


$150,000 – $249,999


$100,000 – $149,999

Number of Third Parties With Which They Exchange Sensitive Content


2,500 – 4,999


1,000 – 2,499


500 – 999


Less than 499

Attack Vector Weighted Score (based on ranking)


Denial of Service


Man in the Middle




Zero-day Exploits and Attacks


URL Manipulation


SQL Injection


Password/Credential Attacks


Session Hijacking




Cross-site Scripting


Insider Threats


DNS Tunneling


Malware (ransomware, trojans, etc.)

Exploits of Sensitive Content Communications in Past Year


7 – 9


4 – 6


2 – 3



Level of Satisfaction With 3rd-party Communication Risk Management


Requires a New Approach


Significant Improvement Needed


Some Improvement Needed


Minor Improvement Needed

Schedule a Demo

Local Governments Continue to Face a Never-ending Wave of Cyberattacks

Local governments face a never-ending wave of cyberattacks. According to the Verizon 2023 Data Breach Investigations Report (DBIR), the public sector had the most cyber incidents and attacks this past year.1 Rogue nation-states and cybercriminals recognize local governments are resource constrained and send and share high volumes of personally identifiable information (PII), protected health information (PHI), and other types of sensitive content, both within their organizations and often with thousands of third parties. Breached data is held for ransom, sold on the dark web, and used for other nefarious purposes. Sensitive content targeted by cyberattacks include public safety information, budgets and financial data, collaboration on urban planning projects, data on infrastructure and planning projects, social services program data, criminal background information, personally identifiable information (PII), and more. Further, in the compliance era, local governments must protect file and email data communications while demonstrating compliance with various data privacy regulations.

Too Many Communication Systems Heighten Risk

Kiteworks’ 2023 Sensitive Content Communications Privacy and Compliance Report finds that local governments rely on a variety of different communication tools to exchange sensitive content. Approximately 7 out of 10 local government agencies use five or more. These pose significant hurdles for local governments, making it difficult to safeguard private information. For local governments, which are local resource and budget constrained, nearly half spend $250,000 or more annually on communication tools.

Approximately 7 out of 10 local government agencies use five or more communication tools for exchanging sensitive content.

Evaluating Third-party Content Communication Risks

For local governments, email is listed as the communication channel with the highest risk, with one in five respondents ranking it as the top risk. File sharing comes in second with 35% of respondents ranking it number 1 or number 2.

Local governments lack governance tracking and controls around sensitive content communications. Only 4% of local governments—by far the lowest of every industry segment—indicate they have a comprehensive system in place to effectively track and control access to sensitive content folders across all departments. The same percentage of local government respondents admitted they do not track and record third-party access to sensitive files and folders—activity such as who viewed a document and when, who edited a document and when, who downloaded a document, and who shared a document and when.

Due to porous gaps in governance, local governments have significant risks. Approximately three out of five local government agencies experienced four or more breaches in sensitive content communications in the past year. It is not surprising that 87% of local government agencies recognize the need to enhance their sensitive content communication risk mitigation strategies. Of these, 74% require significant or some improvements, while 13% require a new approach to third-party communication risk management.

Challenges in Digital Risk Management for Local Governments

When it comes to prioritizing digital rights management (DRM), local government agencies list automating encryption, file sharing, reporting, and other processes (61% ranked it as a top three priority) and unifying management, tracking, policies, and reporting (48% ranked it as a top three priority) as their top two DRM priorities. Respondents indicated that the biggest hurdle facing them on the DRM front is agents or specific software in clients to open an unencrypted file with external third parties. Often, when third-party recipients cannot open an encrypted file, they revert to workarounds that create risk.

Over half of local governments rely on four or more systems to manage sensitive content communications with third parties.

Kiteworks and Local Governments

There are varying types of sensitive content that local governments send and share with first and third parties. The Kiteworks Private Content Network enables local governments to apply DRM-based tracking and controls based on the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF). Comprehensive audit logs can be integrated into SIEM and SOAR systems or viewed separately in the CISO Dashboard. Kiteworks uses a hardened virtual appliance that includes an embedded network firewall, WAF, and antivirus and employs an advanced security approach that integrates DLP, CDR, and ATP and includes AI-enabled anomaly detection. This ensures that private content sent and shared by local government agencies is secure.

1 “2023 Data Breach Investigations Report,” Verizon, June 2023.


Get started.

It’s easy to start ensuring regulatory compliance and effectively managing risk with Kiteworks. Join the thousands of organizations who feel confident in their content communications platform today. Select an option below.


Avec Kiteworks, se mettre en conformité règlementaire et bien gérer les risques devient un jeu d’enfant. Rejoignez dès maintenant les milliers de professionnels qui ont confiance en leur plateforme de communication de contenu. Cliquez sur une des options ci-dessous.

Jetzt loslegen.

Mit Kiteworks ist es einfach, die Einhaltung von Vorschriften zu gewährleisten und Risiken effektiv zu managen. Schließen Sie sich den Tausenden von Unternehmen an, die sich schon heute auf ihre Content-Kommunikationsplattform verlassen können. Wählen Sie unten eine Option.

Get A Demo