Public Sector: When Will The Next Cyberattack Take Place?
Faced with a growing threat of cyberattacks, the Public Sector is looking for solutions to strengthen the security of its information systems, which often need to be updated and better protected. The question is where to start.
The Public Sector is a favorite target of cyberattackers and is prey to increasingly frequent attacks. Between July 2021 and July 2022 alone, public administrations represented almost 24% of organizations affected by hacking, according to the Threat Landscape 2022 report from the European Union Agency for Cybersecurity (ENISA).
This vulnerability is explained in particular by the obsolescence of the Administration’s information systems. Direct consequence: fundamental principles are not put in place. What if license optimization was the solution to free up the budget necessary to improve the security of the Public Sector’s IS?
Exposure to the Threat of the Public Sector
Today, the Public Sector is one of the targets of choice for cyber attackers. The main reason is the type of information it has: sensitive data on users (social security number, health data, tax notice, identity, etc.), which represents a high market value for attackers.
In addition, public service information systems are used for critical activities such as health, citizen services, finances, etc. For cybercriminals, it is tempting to paralyze them to carry out all kinds of threats (ransom, theft, blackmail, etc.).
Furthermore, the threats the Administration must face are much more sophisticated than the simple crypto locker, often materialized by a ransom demand. Hackers are automating their processes and are now carrying out intelligent attacks. They defeat protections using artificial intelligence and infiltrate malicious code into backups, which will spread if restored.
The Administration is far from optimally protected. The main cause is the non-modernization of its information system. The result: it must defend itself against hackers with sophisticated means who use AI and social engineering. Thus, the question is no longer whether the Public Administration will be attacked but when it will be!
Do things in the correct order
Where should the Public Sector start? By fundamental and straightforward principles. It is not a question of placing your entire information system in the Cloud at the risk of facing reluctance linked to abandoning operational but obsolete systems and skills that would no longer be necessary. We must support change and no longer display a pretext of “sovereignty” of data.
We must start by classifying information: what should be considered sovereign or critical and what is not. Move this volume to up-to-date systems and put what is not sensitive in an isolated bubble that can, for example, be protected by the Cloud with appropriate security and retention solutions. Procrastinating and treating everything as “sovereign” would cause costs to explode, when this classification work can begin today.
Then comes the training of public service agents: modern attacks primarily target individuals and bad habits, and no longer systems. With little incident response and cybersecurity awareness, agents face differences in processing installed software and training. Cyber attackers like to play with crucial information to target the right “victims.”
Thus, public sector decision-makers must equip IT with solutions to carry out awareness campaigns for their agents. How? Through practical cases, such as credential phishing campaigns and role-playing games around cybersecurity.
Another measure is to strengthen the security of sensitive access, such as exposed servers, workstations, etc. Implementing an automated analysis of suspicious access, using multi-factor authentication solutions, and using PIN codes are then fundamental to limiting identity theft and the massive theft of sensitive data.
Redirect IT budgets towards protection
One pitfall remains to overcome: financing this protection. In a context where budgets are tight, one solution to examine more closely is the centralization and simplification of licenses to better (re)negotiate them. As in any large organization, these information systems, which have become complex over time, include unused hardware or software resources, unused licenses, and maintenance contracts on obsolete tools.
The result is a system that is too rich with many features that are little or poorly used. Its use is not uniform due to the lack of training and the difficulty of understanding the pricing policies of market publishers. The appropriate solution to free up a budget is to audit the licenses actually used. This is to sort things out while understanding IT expenses.
Thus, the Public Sector will have more realistic and enlightened IT systems. Budgets can, therefore, be reallocated to practical solutions: IT security, Cloud computing, and phishing tests.
Rather than multiplying protection software, creating significant administrative complexity, protection can be ensured by an overall simplification of licenses. The goal is to ensure a “healthy” backplane, clearly identify what is sensitive and what is not, and equip agents with training. The security of the whole can then be provided coherently and sovereignly while providing predictability in reducing IT costs. Thus, license optimization advice becomes a lever for financing optimal IT security.