For the public sector, it seems that cyberattacks are becoming larger and more targeted.
Atlanta is one of the latest victims of a wide-scale ransomware attack, which hit in the early morning of March 22 and locked down many of the city government’s systems and part of the Hartsfield-Jackson Atlanta International Airport’s Wi-Fi, Government Technology reports.
In working with federal authorities and response teams from industry partners, the city government was able to get its systems back online within five days, but even then some resident services were still unavailable, The New York Times reports.
Atlanta is certainly in good company when it comes to security breaches, Baltimore’s 911 dispatch system was hacked just one day after Atlanta recovered and the Colorado Department of Transportation also experienced a ransomware attack in early March.
Despite the best efforts of public sector IT teams, it can seem like cyberattacks are inevitable. And in fact, breaches on the whole have become more commonplace. According to a recent Cybersecurity Insight Report by CDW and research firm IDG, 46 percent of organizations in the U.S. have experienced a serious security breach, and 22 percent have discovered a near-breach in the last 12 months.
“Data breaches aren’t few and far between anymore. Whether it’s due to cyberthreats or employee negligence, sensitive data is being exposed at an alarming rate. More often than not, especially with the rise of malware, organizations might not even know that their systems have been compromised,” the report states. With public services riding on public sector systems remaining secure, how can government IT teams stay ahead of future attacks? The Cybersecurity Insight Report reveals seven ways to keep systems safe.
1. Establish a Dedicated Security Function
Oftentimes, when budgets and staff are stretched thin, public sector IT teams can double up duties instead of ensuring there’s a dedicated security team. Those organizations that have a security team, however, are likely to be more compliant for security protocols and proactive about breaches, the report notes. Moreover, organizations with a dedicated security team are more likely to see a boost in security funding.
2. Have a Quick-Action Plan in Place
Acting fast when a breach occurs can dramatically decrease its impact. “Financial impact, regulatory or compliance fees, loss of customers and negative brand impact are likely to grow (and increase the total impact) as a breach lingers,” the report states. Unfortunately, 31 percent of organizations in the survey reported that it took “weeks or longer” to remediate the breach.
Having a plan and disaster recovery tools in place can help to minimize damage and get an agency back up and running more quickly.
3. Budget Appropriately for Security
While budgets are on the rise in many organizations, 39 percent of respondents noted that their security budget has remained unchanged over the last two years. Properly funding security is a huge part of staying ahead of attacks.
To ensure proper funds, CIOs can act as cybersecurity champions.
4. Implement Technology that Offers Better Visibility and Predictions
It’s important to be proactive as opposed to reactive when it comes to adding tools that can better monitor IT systems.
What tools are helpful? Over a third of respondents “identify and assess cybersecurity vulnerabilities using information from patching or anti-virus tools, and the same percentage rely on information from Windows Update or inventory management tools,” the report states.
5. Engage with Trusted Third-Party Partners
Outsourcing services can help public sector IT teams keep up with everything from digital transformation to cybersecurity.
“A third-party partner can help organizations overcome … technology and organizational challenges by delivering a potent mix of tools and expertise, while also providing a broader focus on cybersecurity risks,” the report states.
It’s important, of course, to choose responsible vendor partners that are vetted appropriately.
6. Make End-User Training a Priority
"The human brain is our best 'technology' to respond to security threats, such as phishing scams and to ensure that data is protected appropriately,” West Virginia Chief Privacy Officer Sallie Milam told StateTech in a previous interview.
For this reason, end-user security training that evolves as tools and regulations change is essential to keeping threats out.
“Seminars, workshops and online training modules can teach end users how mobile devices and [the Internet of Things] possibly create new entry points for hackers,” the report notes. “Education initiatives can also drive greater adoption of end-user protocols, such as deploying security patches and updating software, by teaching employees that increased security is in their own best interest.”
7. Extend Security Responsibilities to Business and Legal Teams
Cybersecurity policies are often written by agency IT teams. In fact, 63 percent of respondents to the survey noted that IT management produces and enforces these policies. To flesh out policies more robustly and enforce them more completely, however, more organizations are bringing legal and management teams into the fold.
Going forward, public sector IT teams can implement these steps in their own time as long as they are sure to assess their needs appropriately, remain flexible and stay on top of the tools and techniques that can best protect against current threats.
“By scaffolding innovative technologies with cross-functional support and heightened security awareness, organizations can take proactive steps toward minimizing security risks,” the report states.