Enabling Cyber Resilience in the Public Sector

By Daniel Kwong and Jim Richberg | July 31, 2023

The public sector is uniquely vulnerable to cyberattacks due to the highly interwoven array of sensitive information it holds—everything from citizens’ personal information to a country’s key defense infrastructure. With differing levels of digital and security management maturities, governments need to build greater cybersecurity oversight as they move from digital optimization to digital transformation. 188BET Field CISOs Jim Richberg and Daniel Kwong provide insights into how the public sector can strengthen cyber resilience by taking more proactive measures to effectively protect their critical infrastructures and sensitive government and citizen data.

1. What does cyber resilience mean for the public sector?

Daniel: For the public sector, cyber resilience means the ability of an organization to prepare for, respond to, and recover from cyberthreats to achieve its mission or business objectives. Cyber resilience includes protection, detection, and evolution against cyberthreats to systems, applications, and data. To protect against cyberattacks, public sector organizations need to adopt the five stages of cyber resilience, which include: identify, protect, detect, respond, and recover. Cyber resilience is also crucial for digital transformation. The pandemic demonstrated the importance of digital operations during a crisis. In addition to technology, organizations also should consider strategic, financial, operational, and information risks in building cyber resilience.

Jim: I would emphasize that cyber resilience brings more benefit to an organization than merely increasing the effectiveness of its cybersecurity posture. Cyber resiliency provides organizational resilience, ensuring that enterprises have sufficient capacity and multiple options to accomplish core tasks. An organization that can withstand a predictable catastrophe such as a cyberattack often has the capability to deal with less predictable but equally disruptive events, which could range from natural disasters to sudden increases in citizen services demand. Maintaining the continuity of operations is especially important to public sector organizations, which may provide not only government services but other critical infrastructure functions such as water treatment. Building cyber resilience involves the classic ingredients of people, processes, and technology. Often the greatest challenges are not technical. The biggest cyber-resiliency challenges are often issues of policy, creating and managing processes, or finding resources.

2. What are some of the key digital transformation trends taking place in the public sector?

Daniel: Several key digital transformation trends are taking place in the public sector, such as the use of digital identity for public and private service authentication, simplifying cybersecurity with cloud technology, and shaping the future of public sector digital service. These trends highlight the importance of equitable internet access, strong digital ecosystems, and investing in digital infrastructure and frameworks. The current trends also emphasize the need for effective data privacy protections and enforcement and the need for cross-sector collaboration and public-private partnerships. Cyber resiliency is a crucial element for driving enterprise growth and market acceleration.

Jim: Artificial intelligence and machine learning have been transforming the conduct and effectiveness of both cybersecurity and the efficiency of government services. Fueled by the increase in demand for online services sparked by the global pandemic, simple AI and robotic process automation expanded dramatically and rapidly to support citizen-facing services, such as chatbots to answer simple queries and to help increase the efficiency and accuracy of internal government functions such as accounting and filing. This first wave of AI focuses on automating simple rote tasks, but public sector organizations are increasingly exploring ways to harness ML in intelligent automation that may involve generative AI. Another transformational trend in the public sector has been the increase in both the use of operational technology and in connecting this OT through Internet Protocol communications so that it can be accessed remotely. Connected Internet of Things and edge computing devices are becoming widespread in public sector applications that range from public safety to public utilities. And almost all governments are embracing smart building technology to enhance environmental efficiency and public health in their facilities.

3. Digital ID programs have been accelerated during the pandemic. How can government leaders incorporate security in digital ID programs without compromising user experience?

Daniel: During the pandemic, most governments began actively developing contact tracing and digital vaccination records. The rapid growth of these digital initiatives was fueled by the pandemic and resulted in enhancing and speeding up digital identity projects. The advancement of digital ID has been successful, especially in the Asia Pacific region. For example, Hong Kong launched the “iAM Smart” system that incorporates resident identification, digital signature, and personal data autofill for government organizations, and these advancements also extend to the private sector, such as banking, insurance, and public utilities. In Singapore, the SingPass digital identity system has evolved to integrate seamlessly with more than 1,700 digital services from both the public and private sectors.

Incorporating security in digital ID systems is essential to ensure cyber resilience and protect against potential cyberthreats, especially for public and private sector adaption. Government leaders should adopt the different stages of cyber resilience, which involve preparing for, responding to, and recovering from cyberthreats to achieve mission and business objectives. Additionally, organizations must consider strategic, financial, operational, and information risks. To maintain a good user experience for public services, leaders can simplify cybersecurity by investing in digital infrastructure to enhance user experience while strengthening cybersecurity, such as cloud and zero-trust technology. Strong digital ecosystems are necessary to support equitable internet access and effective data privacy protections. Enforcement by cross-sector collaboration and public-private partnerships can help address vulnerabilities and protect against cyberthreats. Effective security measures and user-friendly design should be balanced to ensure that security does not compromise the user experience. By prioritizing cyber resilience and security in digital ID programs that integrate with private sectors, government leaders can help to drive the expansion of the range and security of digital services available to citizens.

Jim: Strong and secure identity and data management are foundational to building cyber resilience and enabling further digital transformation. In fact, both identity and data are identified as core pillars in the US National Institute of Standards and Technology model and the technical reference architecture for zero trust. Identity management is often regarded as a foundational step to focus on when implementing a zero-trust strategy and enhancing cyber resilience. Without strong identity and data management, it would be difficult to provide the core functionality of secure connectivity between users, devices, data, and compute resources regardless of their location.

4. There have been cyberattacks targeted at critical infrastructures in recent months. What are some of the challenges organizations face in efforts to secure evolving infrastructure?

Daniel: The public sector has faced various challenges in securing evolving infrastructure due to constrained budgets, lack of training, and different security point solutions deployed in different departments. Threats to critical infrastructure are increasing due to the convergence of information, application interface, and OT, leading to a proliferation of devices and systems that must be protected. Organizations that lack a zero-trust strategy are more susceptible to phishing attacks, which can lead to ransomware attacks in the hybrid working environment and have a devastating impact on public services. And because of existing political conflict in different regions, state-sponsored attacks on key infrastructure are also on the rise.

Jim: Public sector organizations often contribute to funding critical infrastructure that others own and operate. Governments may set operations requirements and provide information on threats to these infrastructures. Still, governments often lack deep insight into potential vulnerabilities and dependencies for these systems when they do not operate them. It is a challenge to create unified visibility into these systems and blend what government may see about pending threats with the “so what” factor that can be better provided by the critical infrastructure operator.

Growing threat complexity also poses a challenge. For example, while ransomware remains a serious problem for critical infrastructure organizations, in the past few years, it has morphed from a threat that largely encrypts a victim’s data to one that frequently steals or deletes data. Organizations must remain attuned to the evolving nature of threats because cybersecurity and preventive controls cannot be “one size fits all.” For example, in the case of ransomware, having timely offline backups may help an organization recover from the encryption of its data. However, having a backup does not counter a ransomware threat that steals citizen data and publishes it or sells it on the dark web. To put the right solutions in place, whether it’s external attack surface monitoring or data encryption, organizations need to understand both the technology and the evolving nature of the threats.

5. What can governments do to protect critical infrastructure?

Daniel: Governments have a significant role in cybersecurity, from providing guidance and direction to developing and implementing regulations and laws. Governments should create clear and comprehensive cybersecurity policies to help mitigate the risk of cyberattacks for constituent organizations following the guidance.

Additionally, governments need to ensure that organizations that manage critical infrastructure are properly trained and equipped to respond to the ever-evolving threat landscape. Governments should invest in research and development with the latest security technology, such as zero trust, cloud, and AI, to stay ahead of threat actors.

Governments should adhere to robust cybersecurity practices and create laws or regulations that mandate both public and private sector organizations to protect critical infrastructure that affects its citizens. Governments also should work with the public and private sectors to promote awareness of cyberthreats and develop public-private partnerships to cooperate on cybersecurity initiatives. In this vein, governments can also drive the creation of threat information sharing and collaboration platforms to improve detection and response to cybersecurity incidents.

Jim: Governments can set regulations and requirements or create incentives to influence behaviors by critical infrastructure owners and operators. Thewas framed in part to help level the playing field between organizations that have voluntarily taken cybersecurity seriously and those that have not paid appropriate attention to it. Under this Cyber Strategy, “secure by design” and “secure by default” will be the new normal for critical infrastructure, although it will not be a one-size-fits-all solution because of differences between sectors and differences in need and capacity between small and large organizations.

6. What will be your top tips for cybersecurity leaders in the public sector today?

Daniel: Cybersecurity leaders in the public sector should adopt a comprehensive approach to cyber resilience, which can include:

  • Developing an integrated framework for responding to threats
  • Implementing effective risk management solutions such as simulation and penetration testing
  • Leveraging data analytics and artificial intelligence technologies
  • Establishing standards and protocols for secure access control systems, such as zero trust

Additionally, organizations should establish effective measures for regulation and best practices while maintaining a flexible policy as new threats emerge.

Jim: Start by looking to adopt existing commercial solutions that offer a proven path forward rather than coming at a cybersecurity problem by assuming that you need to invent your own solution. In most cases, a commercial solution already exists that provides most or all of the needed functionality. Related to this recommendation is the challenge of finding ways to stay abreast of private sector technology advancements and evolving best practices. Even though it can be difficult as a leader to take time away from managing and securing critical operations, building personal—as opposed to technical—network connections to look beyond one’s own organization is essential to understanding the art of the possible.

Teamwork and partnerships at multiple levels are essential. Within a critical infrastructure provider, close and continuing collaboration between the operational elements and security will help ensure that the fresh solutions that emerge are secure as well as effective. Partnership between critical infrastructure operators who understand what is important to protect and government and private sector organizations who are attuned to evolving threat capabilities will help ensure that critical infrastructure organizations have effective security. And since the public sector can be an integral part of critical infrastructure, ensuring that government services are secure, reliable, and available can help improve the quality, timeliness, and breadth of digital citizen services.
