Keith Glancey, Head of Solutions Architects at Infoblox, explores why cybersecurity has never been more important for the public sector
It is common knowledge that cybersecurity and other digital initiatives have long presented a challenge for the UK’s public sector. With many of its organisations overstretched and under-resourced, investing in modern technologies has often, understandably, been put on the backburner.
However, several recent incidents have highlighted how damaging this mindset can be, especially where cybersecurity is concerned. Reports that politicians have used personal email addresses for government business, that schools have been given laptops with malware on them, and of course the Irish Health Service falling victim to a ransomware attack all serve as constant reminders to public sector organisations that making cybersecurity an afterthought is both impractical and dangerous.
As the pandemic highlighted for many the critical nature of many public services, the public sector is a more high-value target for cybercriminals than ever before. Organisations, therefore, need to act now to implement strategies and technologies that will enable them to protect both their employees and the general population moving forward.
More than just nice to have
In the traditional, highly centralised network architecture that many public sector organisations used to run on, cybersecurity was often seen as an addition and a “nice to have.” Often it was not something that was at the core of projects and infrastructure. It is unfortunately no longer possible for the public sector to rely on this add-on approach.
Advancements in cloud-based applications and services, the proliferation of IoT and other connected devices, and the onset of the pandemic and remote work elevated the importance of security. Suddenly, hundreds or even thousands of devices were connecting to the network, many from outside the network itself and its centralised suite of security tools, increasing the network’s complexity and reducing the ability of security teams to see and understand what devices are on the network, leading to new avenues of vulnerability that bad actors can, and do, exploit.
What’s more, the data these devices are working with is increasingly important and valuable. From cameras collecting traffic data to hospitals electronically recording patient data to the online education systems that protect student data, local governments are collecting, transmitting, storing and analysing vast amounts of personal information about their constituents. Bad actors are aware of how important this information is and waiting in the wings to take advantage of any vulnerabilities. In fact, research from 2019 shows that nearly a fifth of UK public sector organisations reported over 1,000 cyber attacks the previous year, while more recent studies show that about 11% of all cybersecurity incidents involve the public sector. The numbers are even higher in the US. Our survey found that 84% of government organisations experienced one or more cloud networking attacks in the last 12 months.
In this new data-centric, borderless environment, security can no longer be an afterthought to traditional networking. It needs to become fundamentally embedded in network architecture and at the heart of any project. The stakes for not putting cybersecurity first are simply too high.
A cybersecurity first approach
As bad actors continue to leverage newer and more sophisticated techniques to undermine security systems, public sector organisations must do all they can to protect themselves and the general population that they serve.
A good place to start is with a layer of foundational security — such as that provided by secure DDI (DNS, DHCP and IPAM) solutions. This is because DDI helps to augment visibility into network activities and increase control. It grants visibility into networking activities, no matter where devices might be connected from, so that public sector organisations can take back control. This type of technology can plug the gaps that other tools miss and ensure that network security is extended from centralised campuses to home offices. It is also particularly useful when you take into consideration just how many devices are used within public sector organisations.
To add to this, 90% of malware touches DNS — the first D in DDI — when entering or leaving the network. This makes it a critical detection tool that can be used to pinpoint threats at the earliest stages and identify compromised machines. Ultimately, DDI enables IT teams at public sector organisations to quickly detect and fix any vulnerabilities, no matter where they originate.
With cybercrime on the rise, it’s never been more important for public sector organisations to shore up their digital defences. No organisation is immune. In order to avoid the potentially devastating data breaches and ransomware attacks of tomorrow, the public sector needs to act today. Only by adapting systems to the cloud-first needs of modern work will public sector organisations be able to protect themselves and the people they serve from falling victim to the ever-evolving world of cybercrime.