How Can Local Governments Upgrade Their Defenses?
As years pass by, and cyberattacks become more sophisticated, government agencies should ensure that they follow the best practices to keep their systems safe. The infrastructure of state and local agencies is usually in a state in which governments deploy citizen-facing apps at scale; they use them to leverage digital platforms to manage the utilities such as water and electricity, etc. The result of all of this could be that the route is provided for multiple malicious actors if they want to compromise key systems.
The attack could be launched in order to steal vast amounts of stored personal data – there being included criminal records, tax information, birth certificates – because cybercriminals look to turn a profit to state-sponsored threat actors who are looking to collect the sensitive data or even to destroy some critical infrastructure. Attackers also vary across skill levels and motivation, so as a result – local and state networks are under frequent assaults.
The security services that governments use vary across the states and many of them usually struggle to modernize outdated systems and to hire the right professionals. However, scientists claim that there are ways to reduce attack risks. There are three basic practices: intelligence data sharing, in-situ testing, and incident response.
When it comes to incident response research: researching potential third-party providers and creating highly comprehensive cybersecurity guidelines prove most effective.
With intelligence data sharing – it is about sharing attack data with other state and local organizations, but also including federal agencies and institutions, so that they can gain critical insight. This is important in cases such as digital voting – because it becomes commonplace and the government needs to ensure the right amount of budget for the different digital platforms.
In-situ testing is about implementing ”fire drill” exercises to test current government security practices. It immensely helps the government to identify previously unknown vulnerabilities, to overcome critical weak points and to help to create a veto to the most common cybercriminals.
Nowadays, government IT infrastructure usually moves away towards public-facing, mostly cloud-connected networks. In order to protect data that is being stored in this way, governments must build allocations in the budget so that third-party providers are permitted and, for example, in-situ infrastructure supported.
Governments should pay attention to changing the aging technology – they usually run on technology that has not been maintained to current levels. With the rapid pace of technology, the right amount of attention should be paid to this – because we all know how difficult it is to keep the technology protected from today’s threats.
Introducing new technology is a way to start making changes, but governments should be extremely careful – if the new technology is not well integrated with the existing technology, it can pose huge threats.
IT organizations should be made in order to match or even exceed the capabilities of a local government – understanding of the technology is the first step towards supporting the IT organization.
In an effort to ensure both progress and security, state and local governments turn towards identity management – ensuring that critical organization data can only be accessed by the right people, at the right time, and most importantly – for the right reasons.
Every government is unique, and in order to effectively respond to a cyberattack, it must understand the different threats. A good starting point, for example, is developing a comprehensive municipal cybersecurity program so that a baseline understanding of all network and system vulnerabilities could be established. Cybersecurity must be viewed as a shared responsibility across the entire organization and it needs a top-down approach that includes the entire chain of appointed and elected officials in local government. Even local officials have to be aware of the responsibilities that they have, so that top security of personal information will be ensured. Governments should conduct a comprehensive risk assessment across all departments and then find ways for improvement. This risk assessment should identify the categories of risk that apply to people, processes, systems, and vendors. Once the risk assessment is finished and vulnerabilities are identified, an actionable and appropriate solution could be found to address weaknesses in their system. In order for cybersecurity to be effective, it must be integrated throughout all departments of an organization.
New Year’s Resolution!
In the end, in order to address the issues above, everything requires funding and support at certain levels. There must be awareness and recognition that cybersecurity is no longer some “backroom” function, it is a need in order to keep technology up to date and prepare plans that will have focus if any disaster happens. There is no magic word that can “solve” the cybersecurity “problem”. As we continue to use technology, the protection of data should be needed. The only thing necessary is to comprehend that the ability of smaller organizations to address threats without any collaboration, shared resources or support of the technology partners should be a thing of the past.
Source: EU cybersecurity strategy