Ten Ways To Elevate Public Sector Cyber Security

Over the past 18 months, a variety of major global hacking campaigns have plagued public sector groups, from government agencies to hospitals to educational institutions.

During the second quarter of 2023, cyber attacks affecting public sector organisations increased by 40 percent, as compared to the first quarter. By the third quarter of the year, attacks increased by 95 percent.

The growing volume and sophistication of incidents implies that public sector organisations have a tremendous challenge ahead of them.

Many public sector organisations aren’t secure enough, and some are languishing when it comes to improving security, likely because next steps are somewhat hazy. However, there are tangible strategies that can be applied to help them build resilience in the face of changing cyber threats.

Ten ways to elevate public sector cyber security

1.    Secure Access Service Edge (SASE):  SASE can offer significant advantages for public sector organisations. In particular, it can ensure consistent policy enforcement, secure access-from-anywhere, and least-privileged permissions. SASE also automates certain tasks and reduces complexity for security administrators. In short, SASE is known for contributing to robust security while supporting flexible connectivity and simplifying security management for all stakeholders.

2.    Endpoint Security:  Endpoints, from laptops and servers to mobile devices, printers and scanners, are frequently considered to be the weakest elements in an organisation’s network. Around the world, millions of government and public sector employees use one or more of these types of devices every day. In other words, there is a lot of opportunity for malicious activity that can lead to losses. In many cases, public sector entities under-appreciate the risk associated with endpoint devices because endpoint security is not viewed as a high requirement for IT procurement contracts, which leaves endpoints inadequately secured.

3.    Security Information & Event Management (SIEM):   These solutions are designed to provide context around detection of cyber security threats. An SIEM will collect logs from systems and security solutions across a network, placing them into a single, centrally managed location. Data collected via SIEM is aggregated from a number of different systems, which may use different numerical benchmarks. To allow administrators to perform comparisons and analyses, SIEM solutions perform data normalisation, making all comparisons “apples to apples”. SIEM tools can also offer event notifications and response (and much more). The most effective SIEMs are integrated into Security Operations Centres. 

4.    Threat Intelligence:   Public sector entities can obtain a broad view of potential threats through cyber security intelligence platforms. The platforms enable entities to obtain greater situational awareness, and subsequently, to take a more proactive approach to security. Value-packed insights inform admins about adversaries’ motivations, capabilities and modus operandi. All of this informs mitigation measures. Prevention and defence against imminent attacks become faster and more effective. While your organisation may not require automation within a threat intelligence solution, it’s a nice-to-have that will likely turn into a must-have in the future.

5.    Automation:   Cyber security automation is intended to make processes and people more efficient and accurate. Automated tools can collect information, sequence the information, and analyse the information. In turn, they can detect infections and potentially remediate issues faster than an attack can progress, and faster than a human could apply a fix. Thus, automation stops attack lifecycles at speed and scale.

6.    Consolidated Cyber Security Architecture:   In the past, public sector cyber security professionals leveraged a variety of products and tools. Each one was intended to address a different aspect of cyber security. However, these tools often aren’t interoperable, or the communication between them is poor. In addition, gaining visibility into a large number of tools is extremely challenging. Adopt a consolidated cyber security architecture. A consolidated architecture offers improved visibility, superior threat intelligence and simplified management across your entire environment. 

7.    Cyber Security Training:   Leaders need to provide cyber security training in a way that resonates with employees, one that ‘speaks the employees’ language,’ framing threats in terms of ideas and objectives that employees care about.

Emphasise the personal dimension of risk. Talk about how organisational data loss could lead to distribution of information about employees and their families.

A breach could mean that employees and their family members experience identity theft, which could make it extremely difficult to renew passports, to enroll children in school, or to open new lines of credit, among other things.

8.    Adhere To Established Standards:   No need to reinvent the wheel. A number of independent industry groups have created high-level guidelines and frameworks that you can easily apply in order to make the most of your security efforts. Leverage frameworks to assist your organisation in advance of compliance audits. The use of ISO 27002, for instance, enables organisations to demonstrate compliance with multiple regulations at once, including HIPAA, the Sarbanes-Oxley Act (SOX), PCI DSS and the Gramm-Leach-Bliley Act.

9.    Integrate Cyber Resilience Into Strategic Planning:   Cyber resiliency “is about keeping the lights on with no downtime,” says Sue Bergamo, executive advisor, CIO and CISO with BTE Partners. It refers to “the ability to anticipate, withstand, recover from and adapt to adverse conditions, stresses, attacks or compromises on systems that are used or enabled by cyber resources,” explains the National Institute of Technology and Standards. Assess and identify risks, create incident response plans, foster partnerships and collaborations across your organisation, and implement data protection measures. All of these efforts contribute to the development of cyber and business resilience. 

10.    Collaborate With Industry Partners:   Collaboration with other agencies, established groups and reputable cyber security vendors can enhance collective prevention and defence. Cyber security collaboration offers a low-cost means of significantly enhancing cyber threat detection, incident response and your overarching cyber security posture. 
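
The normalisation step described under item 3 (SIEM), shown as an added example that is not part of the original article: three constructed events from sources with different severity scales and timestamp formats are mapped onto one schema so they can be compared directly. The field names, the `ids` source and the 0-10 target scale are assumptions made for this illustration.

```python
from datetime import datetime, timezone

# Per-source severity mapped onto one 0-10 scale (10 = most severe).
# The target values are assumptions chosen for this example.
SYSLOG = {0: 10, 1: 9, 2: 8, 3: 7, 4: 5, 5: 3, 6: 2, 7: 1}  # syslog: 0 = emergency
WINDOWS = {1: 10, 2: 7, 3: 5, 4: 2, 5: 1}                   # Level: 1 = critical

def to_utc(value):
    """Accept epoch seconds or an ISO 8601 string with offset; return UTC ISO 8601."""
    if isinstance(value, (int, float)):
        dt = datetime.fromtimestamp(value, tz=timezone.utc)
    else:
        dt = datetime.fromisoformat(value)
        if dt.tzinfo is None:
            raise ValueError("timestamp has no timezone; refusing to guess")
        dt = dt.astimezone(timezone.utc)
    return dt.isoformat(timespec="seconds")

def normalise(ev):
    """Map one source-specific event onto the common schema."""
    src = ev["source"]
    if src == "syslog":
        ts, host, sev, msg = ev["epoch"], ev["hostname"], SYSLOG[ev["severity"]], ev["msg"]
    elif src == "windows":
        ts, host, sev, msg = ev["TimeCreated"], ev["Computer"], WINDOWS[ev["Level"]], ev["Message"]
    elif src == "ids":  # hypothetical sensor that already scores 0.0-10.0
        ts, host, msg = ev["time"], ev["sensor"], ev["signature"]
        sev = max(0, min(10, round(ev["score"])))
    else:
        raise ValueError(f"unknown source {src!r}")
    return {"ts": to_utc(ts), "host": host.lower(), "source": src,
            "severity": sev, "message": msg}

def triage(events, threshold=7):
    """Return normalised events at or above the threshold, oldest first."""
    hits = [e for e in map(normalise, events) if e["severity"] >= threshold]
    return sorted(hits, key=lambda e: e["ts"])

# Constructed sample events, one per source format.
SAMPLE = [
    {"source": "syslog", "epoch": 1700000000, "hostname": "FW-01",
     "severity": 4, "msg": "deny tcp 10.0.0.5:445"},
    {"source": "windows", "TimeCreated": "2023-11-14T23:13:25+01:00",
     "Computer": "HR-LAPTOP-7", "Level": 2, "Message": "Service terminated unexpectedly"},
    {"source": "ids", "time": "2023-11-14T22:13:30+00:00", "sensor": "ids-dmz",
     "score": 8.6, "signature": "suspicious outbound beacon"},
]

if __name__ == "__main__":
    for event in triage(SAMPLE):
        print(event)
```

Without the mapping, the raw values 4, 2 and 8.6 would sort the firewall warning above the Windows error; after normalisation the order is 5, 7 and 9.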

Conclusion

Although the solutions listed above may not be mandated by your organisation or department, I would encourage all public sector bodies to exceed standards and expectations wherever possible.

Take an innovative approach and leverage these recommendations to strengthen the cyber security posture of your organisation and mature your cyber security capabilities.  

Deryck Mitchelson is Global CISO at Check Point Software Technologies
