As attacks ramp up, governments must get their policies—and processes—in order.
In 2021, the tiny town of Grass Valley, CA (population 12,891) was the unwitting victim of a cyberattack. Only recently did authorities begin alerting citizens whose data had been breached.
Social Security numbers, driver’s license numbers, financial account information, payment card information, limited medical or health insurance information, passport numbers, and username and password credentials to an online account were all compromised. It was a huge blow for local government leaders and the folks that trusted them—not to mention the ransom paid for release of the data.
It’s no wonder security is top of mind for governments everywhere, especially after 18 months of rolling out new ways to digitally interact with citizens while supporting a newly remote workforce.
The threat environment is only growing more sophisticated and the stakes are getting higher. Every government organization—large and small—faces three key challenges as they look to the future.
#1) How can we enhance security as we update IT infrastructure?
Strong policies and frameworks are an important building block in creating more secure environments, but it’s processes and systems that ultimately keep cybercriminals and state-based actors at bay.
Modernizing IT platforms is a major priority for governments—cited as one of the main steps being taken to improve citizen and employee experiences (53%) and to make operations more resilient (48%), according to research from ThoughtLab, commissioned by ServiceNow.
Cloud adoption is enabling governments to achieve more flexibility and efficiency in the way they work, so they can deliver better services to citizens. That means data must move off-premises. Entrusting that data to third-party cloud providers raises important questions, such as:
· How are permissions managed to access systems and data?
· Where are the data centers located? Will the data always be kept inside the country?
· What kind of responsibilities does the provider have to keep data secure?
Because cloud solutions are so critical to the future of government, cloud providers must meet increasingly strict guidelines and vetting programs to be considered. For instance, Australia’s Information Security Registered Assessors Program (IRAP) and India’s Ministry of Electronics and Information Technology (MeitY) each provide extensive guidelines and requirements for cloud providers to meet. Strong accreditation programs like these help to ensure cloud environments continuously evolve to meet the highest standards.
#2) How can we move faster to respond to threats?
Even with the best safeguards in place, employees are going to make mistakes.
Human error is one of the biggest causes of data breaches. One in four employees admit to clicking on a phishing email at work, according to a recent study from Stanford University. Nearly half of those employees attribute their mistake to simply being distracted.
To fix problems quickly, security and IT teams need a clear, singular view of what’s happening across the entire organization. But often there are multiple tools monitoring different systems across agencies and departments. When a vulnerability or issue is detected, problems tend to be prioritized on the fly, without a true understanding of which one could have the biggest impact.
Teams need a better way to digest all the data coming at them. Increasingly, they are using artificial intelligence to help analyze and make sense of the data more quickly. Machine learning and AI can help teams not only detect the root cause of problems, but also evaluate operational controls so that security can be continuously improved.
Governments are also looking at workflow automation to help reduce some of the manual effort involved in moving information along—so that teams automatically receive the right data at the right time without waiting for an email or spreadsheet to be pushed along.
When technology becomes integrated into everyday interactions, teams can move faster to keep data safer.
#3) How can we prevent future threats proactively?
IT and security teams need better collaboration tools to defend against future cyberattacks. This starts by giving them one place to view data about security threats from across the entire organization and share how problems are being addressed in real time so everyone is working from the same page.
But individual organizations can only do so much.
Cyberespionage and cybercrime gangs have become bolder and more sophisticated, making it imperative for governments to collaborate and share information with each other as well. For example, in Spring 2021, Microsoft launched the Asia-Pacific Public Sector Cyber Security Executive Council to bring together policy makers from federal and state governments across the region to share best practices and threat intelligence.
Securing the digital future
Every government is laying out a unique roadmap for the digital future they envision. And while digitization invites new risks and questions, it does not mean security must be sacrificed. Quite the opposite. Technology is imperative to creating a more secure digital future for government data. But security must be part of the process every step of the way.