Cyber security in
the public sector:
Readiness and
strategies

Author: Mark Stone

The public sector is quickly becoming one of the biggest targets for cyber criminals. As attacks grow in frequency and sophistication across all industries, the public sector makes up a worrying percentage of targets.

In the last few years, disruptive and harmful attacks hit numerous American cities and even the UK's national health system. This is just the tip of the iceberg for cyber security in the public sector: Governments worldwide are being attacked with alarming regularity.

Recent hacking incidents targeting municipal and government institutions are skyrocketing—courthouses, libraries, hospitals, schools and government service agencies are vulnerable. While the consequences for some attacks are thankfully minimal, many were more significant. Typically, the severity level can be influenced by the types of data each institution holds.

Fortunately, there are ways to defend against cyber attacks, and it comes down to developing the right level of capabilities. In this article, we'll explore how government cyber security can catch up.

The threat to government cyber security

In 2017, the WannaCry ransomware attack struck the UK's National Health Service (NHS), bringing it to its knees in many parts of the country. Although the attack didn't specifically single out the NHS, it was a stark wake-up call—the government was not prepared.

The cost of the attack remains hard to quantify, although estimates for the financial cost came in at over $100 million, according to Digital Health. Far harder to define—and far more concerning—are the service interruptions that forced NHS staff to rely on pen and paper.

An attack like WannaCry on a national health system can have devastating implications for the well-being of patients, take critical infrastructure offline and cause potentially deadly delays.

The 2017 attack wasn't an isolated incident. According to Verizon's 2019 Data Breach Investigations Report, public sector organizations were the number one target across 19 industries examined. Another finding of concern was that almost 56% of breaches were not discovered for months after the initial attack.

The trend paints a deeply worrying picture for government cyber security: Not only are attacks happening regularly, but institutions may remain unaware of them on a large scale.

Government cyber security: Strategies to improve cyber security in the public sector

Some governments have been fortunate enough to avoid a truly cataclysmic cyber attack. But the above statistics suggest that an event of great magnitude could be on the horizon. Governments must take the proper steps to prepare. Being prepared for a cyber attack requires developing four critical capabilities:

1. Enhanced visibility into threats

The first step—and one at which public sector organizations are failing in huge numbers—is threat awareness. It's crucial to understand both internal threats (like malicious or uneducated employees) and external threats (like ransomware attacks).

Gaining a comprehensive understanding of the threats you face means you can then focus your investment on the areas that matter most. In turn, you can prioritize your resources properly and secure your organization more efficiently.

2. Robust protection for the entire attack surface

Since the COVID-19 pandemic began, the way we work has changed significantly, and the public sector is no exception. In fact, government operations are typically not as flexible as organizations in the private sector. With more people working remotely than ever before, an organization's attack surface is larger and more difficult to defend.

It's no longer enough to secure one fixed perimeter. You now need to secure critical infrastructure, assets and data—regardless of location—from the cloud to mobile to the Internet of Things (IoT).

In many cases, a rethinking of your entire security policy is required for cyber security in the public sector.

3. Accelerated compromise detection

With increasingly sophisticated attacks, it's necessary to move fast; agility is everything. Even a slight delay can cause an attack to run rampant through your network, compromising multiple assets and causing severe damage.

Public sector organizations need to work on shrinking the time between compromise and detection, ensuring attacks are identified almost as soon as they happen. This is the only reliable way to mitigate disruption, damage and liability.

4. Minimize impact and quickly restore operations

One of the worst impacts of a cyber attack for public sector organizations can be the resulting downtime, which can have financial implications due to the inability to collect parking fees, for example. Even more critical are the delays it can cause in services—especially for life-or-death situations as in healthcare and emergency services.

When it comes to cyber security in the public sector, you must be fully prepared for any attack. But the only way to do so is through practice. Make a plan, document it and practice it often.

If disaster does strike, you'll at least know what to do.

Public sector organizations and those dealing with government cyber security face a serious challenge in the coming years. Without a reliable and effective cyber security strategy in place, they stand to suffer from ever more harmful and frequent cyber attacks. However, it's entirely possible to help mitigate that risk by focusing on a few key areas to help avoid any major disasters.

Find out more about how Verizon can help you approach cyber security in the public sector and combine simplicity and sophistication to defend your data, assets and reputation.