Six critical public sector cybersecurity challenges
By Anthony Daniel, Regional Director, ANZ & Pacific Islands, WatchGuard Technologies
Friday, 08 September, 2023
With the dual goals of reducing costs and improving services offered to citizens, governments at all levels are increasingly streamlining their operations. Rather than relying on convoluted, paper-based processes, they are instead turning to more efficient digital alternatives.
One unfortunate consequence, however, has been a rise in the number of cybersecurity threats being faced by agencies. With many now holding large volumes of sensitive data about their citizens, they have become attractive targets for cybercriminals.
According to a recent international report, the number of attacks targeting the government sector increased by 95% in the second half of 2022 compared with the same period in 2021. Most of these attacks targeted government agencies in India, the United States, Indonesia and China.
Of all the cyberthreats faced by government agencies around the world, six of the most significant are:
1. Unauthorised intrusions into critical infrastructure
Facilities such as power grids, water treatment facilities and transportation networks have become prime targets for cyber attacks as they offer an opportunity for criminals to cause widespread disruption. To overcome this, government agencies must implement a multi-layered cybersecurity strategy to prevent, detect and stop such attacks.
According to a Forbes report on the public sector, most organisations need to increase their use of multi-factor authentication (MFA) to help guard against attacks. Also, to prevent attacks from causing significant damage, agencies need to establish advanced threat detection and response systems capable of identifying and neutralising attacks.
2. The threat of ransomware attacks
Just as they do in the private sector, ransomware attacks are posing an increasing problem for public sector agencies. If successful, they can result in widespread disruption and financial costs.
Effective strategies to combat ransomware attacks include educating staff about phishing emails and other attack vectors being used by criminals. Agencies should also invest in security tools such as multi-factor authentication, and network security and endpoint protection.
3. Espionage and data breaches
To support the provision of services to citizens, many government agencies collect and store large volumes of sensitive and personal information. This, in turn, needs to be effectively protected to ensure it doesn’t fall into the wrong hands.
Implementing MFA, advanced encryption methods and intrusion detection systems is crucial to help mitigate such risks. Agencies should carefully evaluate what tools are available and identify those that will afford them the best protection.
4. Supply chain attacks
When undertaking a supply chain attack, a cybercriminal is seeking to target a government agency by compromising less secure elements within the agency’s IT supply chain. One of the highest-profile incidents of this type was the 2020 attack on SolarWinds, which showed that even smaller local government entities connected to a compromised supply chain can be affected.
It is therefore very important for governments at all levels to adopt a layered approach to security across their networks, users and devices. They must also ensure their partners and suppliers follow cybersecurity best practices.
5. Insider threats
Not all cybersecurity threats are external and some can also occur within organisations. Whether malicious or accidental in nature, they can cause disruption to operations and service delivery. Research shows the prevalence of insider threats peaked at a record high in the third quarter of 2022, accounting for nearly 35% of all unauthorised access incidents.
Faced with these threats, government agencies can benefit significantly from following a zero-trust strategy as this provides a comprehensive way of protecting against a wide range of cyber attacks. Implementing robust access control, conducting regular security audits and utilising user behaviour can all deliver value.
6. An ongoing shortage of security professionals
Demand for qualified and experienced IT security staff continues to plague both private and public sector organisations, and the situation is unlikely to improve anytime soon.
As a result, growing numbers of governments are looking to outsource responsibility to a trusted managed security service provider. Others are examining how artificial intelligence and machine learning tools can help to automate security processes so that more can be achieved with fewer staff.
Taking a unified approach
With cyber attacks becoming both more prevalent and sophisticated, governments need to ensure they are taking a unified approach to the challenge. By understanding the threats, selecting the most appropriate tools and partnering with external experts where appropriate, they will be able to ensure their IT security measures are as effective as possible.
In this way, services can be effectively delivered to citizens while security of their personal data is maintained. The full benefits promised by the digitisation of processes will have been realised.
Phishing-resistant MFA: elevating security standards in the public sector
Phishing remains a significant issue for government agencies, and current MFA solutions often...
Building secure AI: a critical guardrail for Australian policymakers
While AI has the potential to significantly enhance Australia's national security, economic...
Building security-centric AI: why it is key to the government's AI ambitions
As government agencies test the waters of AI, public sector leaders must consider how they can...