6 minute read
CONFERENCE – IN LONDON
National infrastructure, government and emergency services are prime targets for cybercrime with the sophistication and regularity of attacks on the rise. Are the teams, IT/OT processes and suppliers trained and protected?
National infrastructure, government and emergency services are all critical components of a country’s security and well-being. They provide essential services to the public, and their disruption or destruction can have significant consequences. Unfortunately, these organisations are also prime targets for cybercrime, and the sophistication and regularity of attacks on them are on the rise. In this article, we will examine the challenges that these organisations face when it comes to cybersecurity and discuss the steps they can take to protect themselves.
CHALLENGES THAT NATIONAL INFRASTRUCTURE, GOVERNMENT, AND EMERGENCY SERVICES ORGANISATIONS FACE
Large amounts of personal information are processed and stored by government institutions. Cyber-espionage is rampant in the public sector, according to Verizon’s 2019 Data Breach Report, with 79 per cent of breaches involving external actors being perpetrated by state-affiliated actors. “30 per cent of breaches result from insiders (employees) misusing privileges and making mistakes.”
According to Radware’s research, government professionals are most concerned about data leakage following a cyberattack, followed by service outages, reputation damage, and revenue loss. Despite the fact that this move transforms infrastructure operations, improves user experience and reduces costs, government institutions continue to move applications and data to the cloud. However, managing and securing applications hosted in cloud environments requires less control and visibility.
The Federal Risk and Authorization Management Program, International Traffic in Arms Regulations (ITAR), and Criminal Justice Information Services (CJIS) are a few of the guidelines that government data centres must follow. Payment Card Industry (PCI) and General Data Protection Regulation (GDPR) regulations and standards require institutions to comply with them. It is important to use encryption protocols in order to secure transactions, but encryption attacks are also possible. One of the biggest challenges that national infrastructure, government, and emergency services organisations face is the complexity of their IT and OT (operational technology) systems. These systems are often made up of a wide variety of different technologies and devices, all of which need to be protected from cyber threats. This can be a difficult task, as attackers are constantly developing new techniques and tools to bypass security measures. Additionally, many of these organisations have a large number of third-party suppliers, which can also be a source of vulnerability. Another major challenge for these organisations is the scale of the attacks they face. Cybercriminals are increasingly using advanced tools and techniques to launch large-scale attacks, which can be difficult to defend against. For example, distributed denial-ofservice (DDoS) attacks can overload a website or network with traffic, making it impossible for legitimate users to access it. In addition, attackers may use malware to infiltrate a network and gain access to sensitive information.
ARE THEY PROTECTED?
To protect themselves from these threats, national infrastructure, government, and emergency services organisations need to have robust cybersecurity programs in place. This includes having a dedicated team of cybersecurity experts who can monitor and respond to threats in real time. Additionally, these organisations should conduct regular security assessments to identify and address vulnerabilities in their systems.
One of the most important steps that these organisations can take is to ensure that their IT and OT systems are properly segmented. This means that different parts of the network are isolated from each other so that if one part is compromised, the rest of the network remains unaffected. Additionally, organisations should use firewalls and intrusion detection and prevention systems to help block and detect malicious traffic.
Another key step is to train employees and third-party suppliers on cybersecurity best practices. This includes educating them on how to identify and respond to potential threats, as well as how to use security tools and software. Additionally, organisations should conduct regular security awareness training to ensure that employees are aware of the latest threats and how to protect themselves.
In addition to these steps, national infrastructure, government, and emergency services organisations should also have incident response plans in place. This means that they have a set of procedures in place for identifying and responding to a security incident. This includes having a dedicated incident response team that can quickly respond to a threat and take the necessary steps to mitigate it.
Finally, national infrastructure, government, and emergency services organisations should also invest in advanced threat intelligence tools and services. This includes using machine learning and artificial intelligence to detect and respond to threats in real time. Additionally, organisations can use threat intelligence feeds to stay up-to-date on the latest threats and trends in the cyber threat landscape.
How Government Agencies Can Protect Themselves From Cyberattacks
Cyberattacks on government agencies have become increasingly common in recent years. These attacks can result in the loss of sensitive information, disruption of services, and even physical damage to infrastructure. As such, it is crucial that government agencies take steps to protect themselves from cyberattacks.
One of the most important steps that government agencies can take to protect themselves from cyberattacks is to implement robust security measures. This includes firewalls, intrusion detection and prevention systems, and antivirus software. These measures can help to prevent unauthorised access to sensitive information and systems, as well as detect and respond to any attempts to breach security.
In addition to implementing security measures, government agencies should also invest in employee education and training. This can help to ensure that employees understand the risks associated with cyberattacks and know how to respond to them. Training should include topics such as safe browsing practices, password management, and identifying and reporting suspicious activity.
Another important step that government agencies can take to protect themselves from cyberattacks is to regularly update their systems and software. This is important because new vulnerabilities and exploits are discovered all the time, and older software may no longer be supported by security updates. Keeping systems and software up-to-date can help to ensure that they are protected against known vulnerabilities and exploits. Another key element of protecting government agencies from cyberattacks is incident response planning. This includes identifying potential vulnerabilities and risks, as well as developing plans and procedures to respond to cyber incidents. This should include incident management, incident response, and incident recovery. This will help to minimise the damage caused by a cyberattack, as well as restore services and systems as quickly as possible. Government agencies should also invest in the latest threat intelligence systems and tools. This will help to identify and track the latest cyber threats and provide actionable intelligence that can be used to improve security. This includes threat feeds, threat intelligence platforms, and threat-hunting tools.
In addition to these measures, government agencies can also seek out external help from cybersecurity experts. This can include hiring consultants or contractors or engaging with third-party security vendors. These experts can help to identify vulnerabilities and weaknesses, as well as provide guidance on how to best protect against cyberattacks.
Another important step that government agencies can take to protect themselves from cyberattacks is to build strong relationships with other organisations in the public and private sectors. This can include sharing threat intelligence, best practices, and other information that can help to improve security. This can also include working together on incident response and recovery efforts.
Whenever policymakers address these principles, they have resources and industry standards to assist them. In order to take advantage of the advanced security hardware embedded in modern computing devices, including mobile phones, the Fast Identity Online (FIDO) Alliance has developed standards. There is a broad acceptance of FIDO’s standards throughout the technology community, with solutions offered by Microsoft, Google, PayPal, Bank of America, Facebook, Dropbox, and Samsung incorporating FIDO’s standards. Despite the fact that no standard or technology can eliminate cyberattack risks, adopting modern standards that incorporate multifactor authentication can be an important step to significantly reduce cyber risk. By following these eight principles, governments can create a policy foundation for MFA that not only enhances our collective cyber security but also contributes to greater privacy and increased trust online.
Conclusion
In conclusion, national infrastructure, government, and emergency services organisations are prime targets for cybercrime, and the sophistication and regularity of attacks on them are on the rise. To protect themselves, these organisations need to have robust cybersecurity programs in place, which include having a dedicated team of experts, conducting regular security assessments, and training employees and third-party suppliers on cybersecurity best practices. Additionally, organisations should segment their IT and OT systems, use firewalls and intrusion detection and prevention systems, and have incident response plans in place.
If you are interested to find out more on how best to protect your business, make sure to attend UK Cyber Week –Expo & Conference on 4-5 April 2023 at the Business Design Centre, London. Our speaker sessions include 100+ cyber security experts, hackers and disruptors with perspectives from across the industry. Find out more and get your free ticket here L
Andrew Sieradzki, group director, Security, at Buro Happold on how to
