Alyn Hockey, VP of Product Management at Clearswift, explores how the coronavirus pandemic means public sector organisations can press a ‘reset’ button on their cybersecurity practices, and allow them to be more secure in the future
The pressure that the coronavirus pandemic has placed on the UK public sector – and indeed its equivalents all over the world – has been virtually unprecedented. Hundreds of thousands of employees were suddenly asked to work from home, front-line healthcare workers are selflessly looking after the ill (despite a lack of the personal protective equipment that helps ensure their own safety) and other workers are continuing to deliver public services all across the UK.
When the lockdown eases and the pandemic is eventually over, there is a strong argument for changing how the public sector is regarded and how it is resourced. There is also the opportunity for the public sector itself to look at how it approached certain things pre-pandemic and how it might approach them more effectively in the future.
One of these is undoubtedly cybersecurity.
Cybersecurity in the pandemic
Keeping networks safe and secure, in a period with more cyber-attacks than before and with people more vulnerable than usual, has been a significant challenge for public sector IT teams during the pandemic. For example, there has been a real spike in coronavirus-based phishing campaigns over the past few months.
These are well-crafted, look authentic to the untrained eye and are designed to trick people into opening them. They rely on peoples’ interest in topical news, so lures such as ‘Face masks to prevent Coronavirus’ is something that would attract people who were anxious and perhaps even lacking the right equipment themselves.
Working for home even when not in the grip of such a crisis has security issues, but with many public sector employees now working from home that were not previously, there are further security concerns. For example, other family members might use the employee’s laptop or device at home – kids printing out their homework or checking personal email. This can be an easy route in for hackers using phishing or social engineering lures..
It’s also true that homeworkers lack the usual office-based security measures – no email and web gateway security, intrusion detection/prevention systems. So how can this situation be used to improve public sector cybersecurity in the future?
A cybersecurity blueprint
What the coronavirus has done, is force employers to give employees a little more guidance around cybersecurity best practice, with so many of them working from home. This education is vital. In forthcoming Clearswift research with 1,000 public sector employees, it will be revealed that almost half of respondents have either not heard of, or do not know what ransomware is.
This lack of cybersecurity awareness is compounded by a lack of training – 77% of respondents have been given no instruction in how to recognise ransomware, while 16% have had no cybersecurity training whatsoever and 13% just once. Public sector employees are also not all using the most up-to-date operating systems that help defend against cyber-attacks, with 11% still using Windows 7 and 6% still using Windows 8.
Addressing cybersecurity effectively should always about a combination of people, processes and technology, and the pandemic allows public sector organisations to look at where they are with all three. With so many employees working from home, there have had to be quick training exercises take place to demonstrate best practice in this area and what processes to follow should any employee think they have been breached.
Addressing ransomware effectively
Ransomware remains a significant problem in the public sector and employees need to be told what this is exactly, and how to recognise it. This needn’t be a lengthy or involved training programme, more a question of providing people with regular updates and refreshers. Similarly, outmoded operating systems are an easy way in for hackers, and although budgets might not stretch to upgrading every employee’s OS, as and when people come back to work would be a good time to check that the most up-to-date patches are installed.
Advanced email and web security solutions can also play an important role in post-pandemic cybersecurity, by detecting and removing threats such as malicious links in emails and attachments, or from documents downloaded from the web, and disabling the URLs before they enter the network. This automatic sanitization protects a public sector department’s staff from mistakenly clicking on malicious links.
When the lockdown is over it is not unreasonable to think that the UK public sector will see many more people working from home regularly. All the measures that were put in place to facilitate pandemic home working should remain, but it’s also an opportunity to put in place new measures.
Communicating clearly about the dangers of ransomware and updating legacy operating systems would be a great start, ahead of a broader look at overall cybersecurity strategy. This will help ensure that the public sector is better protected than it was before the pandemic took hold.