Counter The Most Advanced Cyberthreats To Restore The Public’s Trust In The Face
of Security Lapses
Countries and communities around the world are using digital transformation to make governmental services more available, enhance citizen services and reduce costs. This transformation also brings new security challenges as data and networks are spread across disparate systems and applications.
Government networks and infrastructure around the world are under a consistent state of attack, however the nature of the threats is anything but constant. Attacks evolve on a daily basis as hacktivists, nation states and cybercriminals seek to compromise the data of citizens and government agencies.
The biggest threat to the public sector are state-sponsored cyberattacks, according to Verizon’s Data Breach Investigations Report. State-sponsored attacks, miscellaneous errors and privilege misuse represent 72% of public sector breaches, with espionage and financial gain reported as the two primary motives.
According to Radware’s Global Application and Network Security Report, government security professionals must overcome three primary challenges to keep their institutions and agencies secure: lack of expertise and resources, protecting sensitive data, and application and network availability.
Although keeping websites, data and the network secure is critical, it is becoming increasingly difficult because of the cybersecurity skills shortage and the sophistication of state-sponsored attacks. The government sector has more difficulty attracting talent than private organizations. IT budgets are particularly tight in the government sector due to budget cuts and the need to show return on investment. When combined with the fact that government agencies are typical targets of highly sophisticated, state-sponsored threat actors, keeping government data and networks secure is increasingly difficult.
Government institutions process and store large volumes of both personal and governmental information. Verizon’s 2019 Data Breach Report indicates that “cyberespionage is rampant in the public sector, with state-affiliated actors accounting for 79% of all breaches involving external actors. Privilege misuse and errors by employees account for 30% of breaches.”
In addition, government data centers must adhere to numerous guidelines and regulations, including the Federal Risk and Authorization Management Program, International Traffic in Arms Regulations and Criminal Justice Information Services. Although encryption protocols are required to secure transactions, attacks using encryption are also a concern.
Government institutions depend on websites and online services for everything from tax payments to vehicle registration. Networks and applications must be available 24×7 to allow consumers to access resources, especially during critical time periods. Government respondents to the aforementioned Radware report indicate that malware and bots, DDoS and social engineering attacks are the most frequent attacks vectors. Over 50% of respondents reported productivity/operational loss, followed by loss of brand reputation and negative customer experience as repercussions of successful attacks.
An APAC Cloud Network Provider Protects Its Apps Against A Series of DDoS Attacks
A National Law Enforcement Agency Keeps Criminal Justice Data Secure