Andy Riley, Director of Public Sector Sales offers advice on how the public sector can mitigate cybersecurity risk.
Public sector organisations face an ongoing battle to fend off cyberattacks – you only need to read the news headlines to see the latest cybersecurity incident. Hackney Council found out the hard way towards the end of last year, when its IT systems and services were the target of a serious cyberattack. There are no signs that cybersecurity challenges are getting easier either; in October the National Cyber Security Centre revealed a 20% increase in the number of major cyberattacks it blocked in the last year. The financial cost of successful cyberattacks is huge, with figures from the Ponemon Institute revealing the cost to large organisations is on average, £5.3m.
The WannaCry ransomware attacks that severely affected some NHS Trusts in 2017 demonstrated that no one is immune to cyber breaches. But the public sector doesn’t need to feel like it’s facing the Galactic Empire’s Death Star when it comes to cyberattacks, there are some simple steps that can be taken to minimise risk.
Harnessing ‘The Force’ of cyber awareness
Today, mass digitisation means more systems and devices are connected to the Internet and one another than ever before. In addition, the pandemic has forced a huge shift towards home and mobile working, further increasing the potential security risk vector. Although there is no quick fix for cybersecurity issues, there’s plenty that public sector organisations can do to reduce the risks they face. As a first step, organisations need to take stock of all their IT assets; is endpoint security in place? Are cloud services adequately secured? Are systems regularly monitored for signs of an attack? In addition, have staff been educated on how to spot a phishing attack and been taught cybersecurity best practice? Taking these basic steps goes a long way to helping avoid catastrophic breaches, but as attacks become more advanced, threat detection technology needs to follow suit.
Advanced detection
Like having an all-knowing Yoda on your side, artificial intelligence (AI) and machine learning (ML) learning can take the pressure off already stretched IT teams, via advanced threat detection technology to identify threats that might otherwise go unnoticed and dispatching more basic threats autonomously. In addition, IT teams can put in place centralised patching alongside backup and recovery solutions to ensure business continuity and keep systems online – even after an attack.
Security as a priority
COVID-19 forced a massive unplanned digital transformation for the public sector, but good can come out of adversity, pushing some important issues into focus. We have seen that security can often fall by the wayside in the haste to get staff online, but this needs to be addressed as a priority to avoid being the next news-headline. Acronis by Daisy can help public sector organisations tackle challenges by providing comprehensive managed security solutions that do the heavy lifting for diminished IT departments. Acronis can help to handle multiple aspects of cybersecurity, with backup, disaster recovery, anti-malware, and patching included as a single service.
This article was originally published in Public Sector Focus Magazine January/February 2021 Issue