If there were any doubts about the critical need for governments, businesses and individuals to better fortify themselves against cyber threats, Petya should have put them to rest. The attack a few weeks ago using ransomware known by that name wreaked global havoc, infecting computers and networks in more than 65 countries including the United States.
The Petya outbreak followed — by just a few weeks — the even more widespread WannaCry ransomware attack. As evidenced by these high-profile events, protecting sensitive data and leveraging the right systems to detect, prevent and remediate security breaches continue to be a challenge for many organizations.
The concern is especially high for government agencies. As guardians of some of our most sensitive citizen and public-employee data, they are attractive targets for cyberattacks. Governmental organizations face dozens of focused, targeted attacks each year, one in three of which result in a successful security breach, according to a recent Accenture survey of security executives.
To bolster protection of our assets, government agencies must adopt modern, proactive, agile strategies that can help them quickly identify and respond to digital security risks. It’s not clear, however, to what extent they are currently applying the right resources to confront this challenge.
A recent Accenture report based on a survey of 150 government executives in the United States suggests that most agencies don’t have adequate technologies in place. Only 13 percent of respondents believe their existing technology is effective for responding to cybersecurity breaches, and only one-third say they are confident in their ability to monitor, identify and measure these breaches. Almost half of state and local government respondents say that it can take months to identify sophisticated breaches. For the technology needed to fill in the gaps, the respondents most frequently listed end point/network security (58 percent), encryption (56 percent), threat intelligence (54 percent) and cyber-threat analytics (51 percent).
Public-service organizations need to integrate cyber defenses deeply into their organizations by employing a comprehensive end-to-end approach to digital security. As a first step, agencies should conduct a thorough assessment of their cybersecurity capabilities, while “pressure-testing” their defenses to determine whether they can withstand a targeted attack. They also need to identify and minimize their network exposure and focus on protecting priority assets. The following cybersecurity areas should be considered priorities for investment and greater leadership attention:
- Governance: Focus on accountability to nurture a cybersecurity-minded culture, measure and report cybersecurity performance, develop attractive cybersecurity incentives for employees, and create a clear-cut cybersecurity chain of command. Leaders need to redefine cybersecurity success as more than simply achieving compliance targets. Getting the right level of visibility and authority is critical to discovering and responding to threats in a timely manner.
- Agency exposure: Assess cybersecurity incident scenarios to understand those that could materially affect the organization. Identify key drivers, decision points and barriers to the development of remediation and transformation strategies.
- Strategic threat context: Drive the organization to explore specific cybersecurity threats, including an analysis of geopolitical risks, and to identify what cybersecurity-related activities and technologies similar organizations are undertaking and deploying. These steps will ensure that an agency’s security program aligns with its overall strategy.
- Cyber resilience: Assess the organization’s ability to deliver operational excellence in the face of disruptive cyber adversaries, and use “design for resilience” techniques to limit the impact of an attack.
- Cyber response readiness: Put in place a robust response plan, provide effective cyber incident escalation paths, and ensure solid stakeholder involvement across all agency functions. Test the ability of team members to cooperate during crisis-management incidents.
- Investment efficiency: Develop in-house expertise to drive smart cybersecurity investments and the most effective allocation of funding and resources. Compare organizational investments against benchmarks, organizational objectives and cybersecurity trends. Asset management can be difficult for government organizations, but this is a critical component of any security campaign.
Government agencies should approach cybersecurity with an organizational mindset — one capable of continually evolving and adapting to changing threats. State-of-the-art cybersecurity will require not only investments in innovation and training but also rock-solid commitment from leaders.
This article was originally published on Governing.