The resilience of the Public Sector continues to be tested on a daily basis. As the pandemic gripped nations, Public Sector bodies rapidly embraced the remote working set-up, performing activities in a way they would not have thought of before the pandemic.
A survey conducted by by the Ponemon Institute found that Cyberattacks in the public sector are becoming relentless, with 88% of surveyed organisations have suffering at least one damaging cyberattack over the past two years. 62% have experienced two or more. These attacks have resulted in significant disruption, downtime and in some cases damage to reputation.
Even with the global pandemic, technology and cyber security still continue to be key drivers for making government departments more effective and for public services to be securely accessible for those who rely on them and for this reason, Public Sector bodies are heavily reliant on good cyber security to underpin interactions that are made with millions of citizens on a daily basis.
At the same time, cyber-criminals are finding more security gaps to exploit and abuse, whether they are present in existing public-facing technologies or in new developments such as Internet of Things (IoT) solutions. When ranking their top cybersecurity concerns for 2019, 65% of public sector respondents indicated they were worried about attacks involving IoT or OT assets.
During time of unprecedented change and uncertainty, it is vital that Public Sector bodies implement a dynamic strategy that enhances relevance in the digital world, but also fosters an intelligence-led security plan aimed at delivering Public Sector outcomes, rather than responding tactically to every single new threat out there.
Public Sector Bodies should be asking themselves these six key questions
- Have we identified our ‘crown jewels’ and the high-value assets we should be protecting?
- Is cyber security featured on our corporate risk register?
- Which group or Board is responsible for leading our cyber security activity and policy?
- What security KPIs/metrics are we receiving to demonstrate our security programme is effective?
- Have we prepared and tested our cyber incident response plans through cyber incident scenario planning?
- How are we educating our staff about cyber-security threats and how do we know that our security training programme is working, especially in a remote working environment?
The key to cyber resilience is a solid foundation
Security teams must ensure they have the basic security foundations in place before investing in expensive technology solutions. Examples of foundation practices can include robust privilege access management processes. Poorly managed privileged access management can lead to unauthorised access to systems and sensitive data.
Cyber Threat Intelligence (CTI) is also vital in an environment where cyber threats are becoming more sophisticated and targeted. Legacy monitoring tools can consume numerous sources of threat data, but these technologies do not necessarily provide evidence-based context which turns information into ‘actionable intelligence’.
CTI can help Public Sector Security teams answer questions such as:
- What threats are changing over time?
- What are the threats to our citizens?
- What types of threats are occurring in the industry?
- Who might want to steal our intellectual property and how will they likely try to do it?
The need to develop a cyber resilient culture
As Public Sector employees operate in a more remote environment, it is even more important to be aware of security risks- remember, security is no longer just the responsibility of the IT Team! A key aspect of this is to educate the executive team and implement a 'Public Sector-wide' culture of cyber security awareness, capable of continually evolving and adapting to evolving cyber threats.
It is clear that digital transformation is driving huge opportunities across the Public Sector to ensure services are as accessible and secure as possible, however the sector cannot afford to take its eye off the ball at a time when cyber criminals and other hostile actors in cyberspace become more determined and targeted.
While the traditional cyber security mechanisms may prevent and detect conventional attacks, the Public Sector must implement a holistic approach which not only identifies and detects a cyber attack, but also respond quickly when a cyber attack occurs - this is Cyber Resilience.
