By Sascha Giese, Head Geek™ at SolarWinds
Like many countries around the world, the U.K. is familiar with following trends that originally emerged in the U.S. It’s a long-standing idea, amplified in recent years by increasing globalisation and the impact of digital transformation on society.
Take cybersecurity, for example, where the U.S. has been at the forefront of some of the highest-profile incidents and attacks on public sector infrastructure. In recent years, the U.K. has experienced similar issues, most recently seen at the Foreign Office which was targeted by a serious cybersecurity incident requiring urgent support costing nearly £500,000.
It’s important for the U.K. public sector to keep an eye on the nature of emerging threats seen by their counterparts in the U.S. Doing so can play an important role in informing strategy decisions, particularly when cybercriminals and nation-state adversaries are constantly changing their tactics and where the volume of attacks continues to cause major concern.
For example, recent research has revealed across the Atlantic, the nature of risk for the public sector is changing, with external cybersecurity threats becoming the greatest concern—moving ahead of internal threats for the first time in five years.
More specifically, the general hacking community (56%) is now viewed as the largest source of risk, followed closely by careless/untrained insiders (52%) and foreign governments (47%). It’s interesting to note cybersecurity threats from foreign governments (56%) are responsible for the greatest increase in concern for public sector respondents.
Given the complex nature of the public sector, the nature of risk is far from uniform. For instance, U.S. state and local governments (63%) are significantly more likely than other public sector groups to be concerned about the threat of the general hacking community. In contrast, Federal civilian agency respondents (58%) are more likely to indicate careless insiders as a threat compared to the defence community (41%).
Looking more broadly, it’s perhaps not surprising to see defence respondents (68%) are the most likely to note foreign governments as a cybersecurity threat, compared to civilian (53%), state and local government (46%), and education (25%) respondents.
Detecting and Resolving Cybersecurity Threats
When asked about specific types of security breaches, the public sector’s level of concern over ransomware (66%), malware (65%), and phishing (63%) has increased the most over the last year.
However, time to detection and resolution have not improved at the rate of increased IT security threats and breach concerns. In fact, about 60% of respondents noted both the time to detection and time to resolution remained the same or worsened between 2020 and 2021.
The reasons behind this are varied, but lack of training (40%), low budgets and resources (37%), and the expanded perimeter (32%) due to increased remote work continue to concern public sector security professionals. Respondents also pointed to insufficient data collection and monitoring as a key impediment to threat detection (31%).
State government respondents (50%) indicate more so than local governments (25%) budget constraints are an obstacle to maintaining or improving IT security. Education respondents are the most likely to struggle to identify the root cause of security issues, hampering their ability to both detect and remediate such threats.
Using Technology to Fight Cybercrime
Given these trends, how are U.S. public sector organisations focusing their efforts to meet the challenges they face? Research respondents believe improving investigative and remediation capabilities, as well as reducing barriers to sharing threat information between public and private sectors, are their top priorities for compliance with the 2021 Cybersecurity Executive Order issued by President Biden.
More specifically, over 75% of public sector respondents note their organisations rely on a formal or informal zero-trust approach. Most public sector respondents are familiar with the principle of least privilege (PoLP), and 70% of respondents are either already implementing PoLP or will implement it within the next 12 months.
Most public sector respondents realise the importance of IT security solutions and prioritise their investments highly in the next 12 months, with network security software (77%) being the top priority. IT modernisation investment priority leans toward replacing legacy applications (60%) and migrating systems to the cloud (60%).
Clearly, public sector organisations are under huge cybersecurity pressure in the U.S. and here at home. It’s also increasingly evident a coordinated response to these issues has risen up the list of priorities for authorities on both sides of the Atlantic. As the nature of risk continues to evolve, drawing on the experiences, insight, and trends seen in other countries will play a key role in helping the U.K. public sector to detect, prevent, and mitigate future cybersecurity threats.
Recent Comments