By Sascha Giese, Head Geek™, SolarWinds
While cybersecurity isn’t an immediate casualty of increased complexity, the more digitally transformed public sector organisations become, the more vulnerabilities they face. Similarly, as global workforces have recently moved to their homes, IT teams across every industry have been faced with a rapid expansion of attack vectors. Between this rate of change, increasing complexity, and new devices needing to be secured—and in new ways—we continue to play a seemingly never-ending game of catch-up with the cybercriminals.
These challenges require some concerted changes and improvements throughout the sector. Top of the list throughout this extended work from home period, and the months to follow: security must enter the core competency set of every tech pro, whether as a self-managed skillset or outsourced to an MSP or MSSP. To start, tech pros must develop a complete understanding of the IT environment they support to uncover areas of risk and effectively convey priorities to senior management. That’s in contrast to the situation today where some organisations simply don’t understand the depth of cybersecurity risks they face, or worse still, even realise they may have a problem in the first place.
It may feel as though for every few steps taken towards digital transformation, a few steps are taken back when a cyberattack occurs. As it becomes the everyday norm, what changes can be made in organisations to keep progress on track and reduce targeted attacks?
Cybersecurity Solutions for Digital Transformation
Integrating security systems helps increase visibility into a network and helps organisations manage a wider attack surface. By using applications and devices with built-in security or, if developing an application, making robust security settings the default option, organisations can trust their users will be kept safe from malicious threats.
Teams should also undertake regular penetration testing to identify potential vulnerabilities and opportunities to improve security. While many use log management and signature-based deep packet inspection, attacks can still go undetected, so when using these kinds of solutions, ensure they come with an intelligence feed covering zero-day threats—these threats exploit an unknown computer security vulnerability, i.e., there’s no known security fix because developers aren’t aware of the problem.
Incorporating automation into security processes can help organisations continuously monitor for threats and expand cyber protections, even with limited personnel and resources. Good examples are tools designed to scan web applications from the outside to look for security vulnerabilities such as cross-site scripting, SQL injection, command injection, path traversal, and insecure server configuration. However, it’s not just the tools that are crucial, but the people too, and the communication between them. If information about a possible threat is detected, for example, it should be shared across the organisation, so everyone can take steps to minimise risk.
Upskilling and Training to Keep Everyone in the Know
The importance of cybersecurity skills and training should not be underestimated, because just as gaps can render organisations vulnerable to threats, on the flipside, good training can be an extremely effective supplement to technology-based security solutions. For instance, simple processes such as training staff to recognise emails from scammers can go a long way in avoiding a security breach, and this is an attractive option considering most public sector organisations operate on limited budgets.
For the tech specialists, security is already frequently front of mind. SolarWinds recently shared the findings of its IT Trends Report 2020: The Universal Language of IT, which revealed for 73% of public sector tech pros, at least 10% of their daily responsibilities already include IT security management. This is reflected in the way organisations prioritise their staffing needs, which are now being driven by security and compliance (55%), cloud computing (i.e., SaaS, IaaS, PaaS) (53%), and hybrid IT (37%). Only a collective 18% name emerging technologies—like artificial intelligence, edge, microservices, and containers—as the biggest influence on staffing needs.
At the same time, the top three areas of security skills organisations are prioritising for development include network security (49%), backup and recovery (35%), and security information and event management (SIEM) (29%). This makes sense when you consider organisations aren’t allocating their budget to emerging technologies—particularly as this year’s budgets are re-evaluated in the face of economic challenges. In the same study, nearly two-thirds (62%) indicated their organisation’s tech budgets allocate less than 25% of their spending to emerging technologies.
Technology professionals could, if possible, take advantage of any quiet times and prioritise their own training through upskilling, which would help to maintain good cybersecurity standards and keep digital transformation on track. In addition, it’s important the country’s public sector tech pros start to add a new organisational language to their realm of expertise—the language of business. In seeking a seat at the executive table, tech pros can put cybersecurity and digital transformation higher on the business agenda.
Outsourcing or Insourcing?
Maintaining a solid cybersecurity posture is hugely important for every organisation, but in the public sector, where budgets and resources can present barriers to progress, another option to consider is outsourcing the cybersecurity function to an expert or deploying a managed software solution.
Many organisations are now opting to outsource their cybersecurity, as the benefits gained through this often outweigh the costs. With a third-party involved, organisations have access to the latest technologies and software available to tackle the ever-increasing threats. Along with this comes the experts themselves—people who live and breathe security day in, day out. Teams of experts are typically available 24/7, allowing for a rapid response to security lapses or vulnerabilities, regardless of the time of day or night. When the entire country relies on the public sector, knowing this level of security expertise is always available is a comforting reassurance.
Alternatively, for those either lacking the budget for outsourcing or who’d feel more comfortable relying on their own teams, managed software solutions could be the safest option. These vary between vendors, but most should deliver intelligence to proactively identify threats, take automated action to mitigate damage, and analyse data to prevent future attacks from occurring. Though the best solutions on the market will be very expensive, the different packages on offer may be more affordable than outsourcing—though the onus will be on the organisation purchasing the software to manage it and act on the information it produces.
Whichever way you look at it, security should be a core competency. Being ready for worst-case scenarios is crucial in maintaining a strong defence, so it’s important to find and implement easy-to-use, affordable, and scalable security solutions to work across the varied IT environments found across the public sector.
Recent Comments