Head of Security Steve Burden assures IT leaders in the public sector that plenty can be done to mitigate risks.
The government’s latest National Cyber Strategy was well-timed. Landing a fortnight before Russia’s invasion of Ukraine, it emphasises the importance of bolstering public sector and national security, against the backdrop of a fast-evolving threat landscape. In fact, the government wants the public sector to lead by example—by hiring security talent, hardening critical systems against attack, and managing cyber risk more proactively, especially across the supply chain.
Doing so won’t be easy, but it’s certainly achievable given the wealth of cloud-based security services and proven best practice advice available to IT leaders.
A new age of threats
However, it’s not all about Russia. Government organisations operate in a very different environment today from that of the pre-COVID era. From remote working infrastructure to cloud infrastructure and new citizen-facing services, an explosion in digital transformation since then has expanded the cyber-attack surface and created complexity that can be difficult for stretched IT teams to manage.
Security skills are in particularly short supply when it comes to securing the cloud, and that shortage can lead to dangerous misconfigurations that expose sensitive data. This is not a theoretical risk. One researcher recently discovered that 90% of cloud databases inside Russia had been compromised and many of them wiped. What’s to say Russian hackers won’t do the same?
Today, cyber risk for public sector IT leaders is not just about the threat from nation states but also a vast and growing cybercrime economy worth trillions. Threat actors are innovating in greater numbers, with automation and service-oriented offerings enabling even those without tech skills to participate. And public sector data and systems remain a lucrative potential target.
Managing risk, building resilience
Fortunately, there’s plenty that IT leaders in the public sector can do to mitigate these risks. The key is to layer up security controls and cyber-hygiene best practices across the IT environment.
Start with the basics. The government’s strategy declares that all public sector organisations must be “resilient to known vulnerabilities and attack methods” by 2030. The best way of achieving this is by first understanding what assets you’re running and whether they’re missing patches or are misconfigured. This should happen across the estate on a near-continuous basis, followed by the appropriate remedial steps. The sheer volume of assets, configuration errors and published CVEs today means this process must be automated and actions prioritised according to risk.
Next, consider resilience at a network level with DDoS protection, SASE including zero trust access controls, and backups. Combine this with multi-layered protection across email, web apps, servers, cloud suites (SaaS), endpoints and mobile devices. This isn’t just about threat protection with anti-malware tools, but also detection and response to spot and contain threats that get through the perimeter. Improved user awareness and training will also help turn your weakest link into a solid first line of defence.
Daisy supports public sector organisations with threat prevention, detection, and monitoring capabilities from the endpoint to the network and out into the cloud. We help you to get the basics right and navigate the journey to become a more proactive, risk-aware organisation. In a world of elevated cyber-threats, nothing less will do.
This article originally featured in Public Sector Focus Magazine March/April 2022