Right now, IT modernization is the belle of the ball for state and local government CIOs. In fact, 90 percent of state CIOs believe at least 20 percent of their systems need replacement or modernization, while nearly two-thirds view more than 40 percent of their systems as legacy, a 2016 survey by NASCIO found.
And while CIOs everywhere — from Kentucky to Rhode Island — are pursuing updated and properly integrated systems with the aim to drive funding requests and agency spending, these initiatives may also introduce vulnerabilities by expanding network footprints and creating integration challenges among vendors and services.
The advent of the Internet of Things, cloud storage and other external services results in an increasingly blurred network perimeter, making it difficult to apply traditional perimeter-based security controls.
As state and local government agencies increase their digital transformation and modernization efforts, they must choose multilayered security solutions that not only provide an effective defense against modern threats but also keep an eye toward the future.
Agencies adopting a defense-in-depth approach to cybersecurity will find themselves well-positioned to combat these future threats.
Take the first steps toward a stronger security posture with these solutions:
1. Malware Protection and Detection Are a Public Sector Must
As many security threats arrive via malware vectors, agency cybersecurity teams should ensure that they are taking proactive, detective and reactive steps to protect systems against malware-borne threats. These controls should include deploying frequently updated anti-virus protection on servers, endpoints and network gateways. Agencies should also consider the use of advanced botnet and malware detection tools that incorporate threat intelligence information and provide a robust defense against evolving threats.
2. User Training Is a Government Cybersecurity Imperative
Cybersecurity starts and finishes with the user. No matter how robust an agency’s cybersecurity controls, a single mistake by an end user can undermine those efforts, providing attackers with access to sensitive information or granting them a foothold on internal agency networks.
Combating these efforts requires regular security awareness training that helps users understand the threats facing the agency and their individual role in protecting the confidentiality, integrity and availability of government information and systems. These efforts should include a particular focus on phishing and spoofing attacks.
3. Identify Active Threats with Network Monitoring
Network activity is one of the most important sources of information for cybersecurity teams seeking to maintain situational awareness and identify active threats.
Network monitoring activities fit into two major categories: passive and active. Passive network monitoring simply captures network traffic as it travels from point to point and monitors it for unusual activity. Active network monitoring actually manipulates network traffic by injecting test activity onto the network and observing its performance. This also plays an important role in network troubleshooting and performance monitoring.
4. Network Access Control Keeps Agencies Clued in on Permissions
In addition to regularly monitoring network activity, agencies should consider the implementation of network access control technology that regulates devices allowed to connect to the network.
NAC technology permits agencies to require user and/or device authentication prior to granting access to wired and wireless networks as well as VPN connections. NAC solutions also provide posture checking capability, which verifies that a device is configured in compliance with the agency’s security policy before it is allowed on the network.
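The admission decision described above, sketched as an added example that is not part of the original article: authentication is checked first, then device posture. The policy thresholds, the field names, the requirement that both user and device authenticate, and the "quarantine" outcome are all assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import date
from typing import List, Optional, Tuple

# Hypothetical agency policy values, chosen for illustration only.
MAX_AV_SIGNATURE_AGE_DAYS = 7
MAX_PATCH_AGE_DAYS = 30

@dataclass
class Device:
    user_authenticated: bool          # result of the user's network or VPN login
    device_authenticated: bool        # e.g. a valid machine credential
    av_signatures: Optional[date]     # last anti-virus update; None if no AV
    last_os_patch: date
    disk_encrypted: bool

def posture_failures(dev: Device, today: date) -> List[str]:
    """Return every policy check the device fails (empty list = compliant)."""
    failures = []
    if dev.av_signatures is None:
        failures.append("no anti-virus installed")
    elif (today - dev.av_signatures).days > MAX_AV_SIGNATURE_AGE_DAYS:
        failures.append("anti-virus signatures out of date")
    if (today - dev.last_os_patch).days > MAX_PATCH_AGE_DAYS:
        failures.append("operating system patches out of date")
    if not dev.disk_encrypted:
        failures.append("disk not encrypted")
    return failures

def admit(dev: Device, today: date) -> Tuple[str, List[str]]:
    """Decide network access: authentication first, then posture."""
    # Assumption: this policy requires both user and device authentication.
    if not (dev.user_authenticated and dev.device_authenticated):
        return "deny", ["authentication failed"]
    failures = posture_failures(dev, today)
    # Assumption: non-compliant devices are placed on a remediation
    # network so they can update and retry, rather than being dropped.
    return ("quarantine", failures) if failures else ("allow", [])

if __name__ == "__main__":
    today = date(2024, 6, 1)  # constructed sample date
    # Constructed sample devices, not real inventory data.
    laptop = Device(True, True, date(2024, 5, 30), date(2024, 5, 15), True)
    stale = Device(True, True, date(2024, 5, 1), date(2024, 3, 1), True)
    for name, dev in (("laptop", laptop), ("stale", stale)):
        print(name, admit(dev, today))
```

Returning the full list of failed checks, rather than stopping at the first, gives the help desk and the device owner everything they need to remediate in one pass.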