Many organizations across the U.K. are tackling the three main factors behind digital transformation: cloud technology, IoT, and employee mobility. However, one downside to increased digitization is how this opens an organization up to the potential for more cyberattacks, which isn’t too surprising when you consider an expanded digital presence equates to an expanded attack surface.
The more applications, information, and processes living in the digital environment, the more opportunities there are for black hats. Unfortunately, the enormous value placed on data today combined with the increased sophistication of attacks creates a double-edged sword, so when a data breach or hack inevitably occurs, the potential for damage is far greater than it’s ever been.
Keeping Tried-and-Tested Defenses in Place
Traditional cybersecurity defenses such as firewalls, antivirus, and malware protection are in place to guard against the most predominant cyberattacks, which were found to be phishing (95%) and malware (86%) according to the SolarWinds FOI request findings. These are, of course, necessary defense measures, but they’re simply not sophisticated enough to prevent equally sophisticated attacks. While data loss prevention (DLP) solutions are available, the majority of these are very expensive and not 100% reliable. To keep the public sector secure, IT teams need to be confident their security strategy will hold firm, so the public can have confidence in them.
What changes can be made to keep your digital transformation journey on track and reduce targeted attacks?
Security Measures With an Impact
Teams should undertake regular penetration testing to identify potential vulnerabilities and opportunities to improve security. Currently, less than 75% of all organizations surveyed through the FOI are using log management and inspection, but even at 100%, an attack can easily occur undetected. When using these kinds of cybersecurity solutions for government agencies, ensure they come with an intelligence feed covering zero-day threats—these are threats exploiting an unknown computer security vulnerability, i.e., there’s no known security fix because developers aren’t aware of the vulnerability.
Incorporating automation into security processes can help organizations to continuously monitor for threats and expand cyber-protections, even with limited personnel and resources. Good examples are tools to scan web applications from the outside to look for security vulnerabilities such as cross-site scripting, SQL injection, command injection, path traversal, and insecure server configuration. However, it’s not just the tools that are crucial, but the people too, and the communication between them. If information about a possible threat is detected, share it across the organization, so everyone can take steps to minimize risk.
Training Gets Everyone Up to Speed
Skills gaps related to digital technologies and cybersecurity can render organizations vulnerable to threats. Training and creating awareness are considerably more useful and probably more cost-effective than the latest technology, which is attractive considering most public sector organizations operate on limited budgets.
At a higher level, technology professionals continue to pursue upskilling to maintain good cybersecurity postures and keep digital transformation on track. The SolarWinds IT Trends Report 2019: Skills for Tech Pros of Tomorrow, a survey of tech pros, showed the top three technologies to achieve this over the next three to five years are:
Cloud and/or hybrid IT (66%)
SIEM and/or threat intelligence (56%)
Automation and/or orchestration (52%)
Of course, given the time and resources pressure on training, tech pros should consider approaching skills development strategically and prioritize necessary learning based around the needs of daily operations and IT environments, along with skills supporting organizational growth.
Security May Rely on Outside Help
Many organizations are now opting to outsource their cybersecurity, as the benefits gained through this often outweigh the costs. With a third-party involved, organizations have access to the latest technologies and software available to tackle the increasing threats. Along with this comes the experts themselves—people who live and breathe security day in, day out. Teams of experts are typically available 24/7, allowing for a rapid response to security lapses or vulnerabilities, regardless of the time of day or night.
There’s no alternative to good security—it’s as simple as that! And part of good security is being prepared for the worst eventuality and having the right measures in place to keep cybercriminals at bay. The Freedom of Information research highlighted that although overall, most public sector organizations had a good level of general preparation against cybersecurity threats, there is still a need for cost-effective and scalable solutions to assist organizations with their defense. Digital transformation is unavoidable and having the country’s major public services in top condition is required to keep things running smoothly all year round.
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community.
More than 150,000 members are here to solve problems, share technology and best practices, and directly
contribute to our product development process.