Why a managed security provider could help the public sector mitigate cyber threats

Dean Porter, UK country manager – business security, F-Secure on why the public sector should seek support from managed security service providers (MSSPs)

Posted 28 April 2021 by Christine Horton

At a time when most sectors are struggling with disrupted operations and an increasing volume of incoming cyberattacks, the public sector has more challenges than most. On the central government level, there has been a global increase in nation-state attacks such as the SolarWinds hack that struck multiple US agencies and contractors.

At local scale, authorities are reportedly being bombarded with up to 800 attacks a day, with a particular increase on ransomware attacks aiming to coerce payments out of councils by crippling their services. Several local authorities have fallen victim over the last year, with a particularly high-profile attack on Redcar and Cleveland Borough Council costing more than £10m to resolve.

These mounting threats mean that public sector bodies present an ideal opportunity for managed security service providers, particularly those that can forge a strong strategic relationship and help optimise their defences with a limited budget.

Indeed research has found there has been an increase in government cybersecurity contracts. This aligns with F-Secure’s findings that 81 percent of organisations are planning to increase their security budgets in the next 12 months. Public sector bodies preparing their security budgets for the coming year should be considering the value of taking third party service providers alongside inhouse investments.

What are the security challenges facing the public sector?

The public sector has long been a popular target of threat actors. Central agencies may be targeted as part of state-backed attacks aiming to steal classified information or cause disruption, while local authorities are an easy source of personally identifiable information (PII) and a target for disruptive ransomware. Research has found local government bodies account for nearly half of global ransomware attacks.

Public sector bodies are also frequently seen as easy targets by cyberattackers due to their limited budgets and resources, resulting in a prevalence of outdated technology and a lack of security training for personnel. This is particularly true at a local level, with research finding that many councils had delayed security investments as they struggled with their budgets during the pandemic.

Budget constraints also mean that the public sector feels the ongoing security skills gap more acutely than much of the private sector, and most public sector organisations will be unable to compete against the salaries offered by private enterprises. That said, the public sector does historically boast a low turnover rate for staff, thanks in part to the strong workplace benefits associated with it. There is a tendency to work with smaller teams of longstanding IT and security specialists and upskill them into multiple roles. However, this means a single member of the team leaving can have a huge impact on the skills and experience the organisation can draw on.

These challenges have, of course, been exacerbated by the COVID pandemic, with authorities forced to stretch their limited budgets even further to facilitate remote workers.

How can a partner help?

A full in-house team of security specialists armed with the latest technology is beyond the means of all but the largest of private sector organisations – let alone public sector bodies that are already facing tough limits on their budgets. Partnering with a specialist third party security provider will sidestep most of these challenges, as it transitions security from being a capex issue into an opex solution. This means organisations can access the latest security solutions as needed, without having to invest a huge chunk of their budget upfront.

Equally important to the technology is access to the advanced skills and experience needed to use them effectively. Most security tools are only truly effective with a skilled team of humans behind them. For example, while an organisation might budget for an endpoint detection and response (EDR) solution, it will need a managed security service provider (MSSP) to respond to alerts and mitigate the threat.

MSSPs don’t simply provide a team to sit behind their computers and monitor for threats, either. The best partners offer a strong consultative element, helping the organisation to plan and implement long security strategies. This can be particularly useful when it comes to complying with regulations such as the GDPR or meeting the needs of the Cyber Essentials scheme.

Finding the right partner

Any public sector organisation seeking an MSSP will not have to look far as the market is large and growing rapidly. However, it is important to ensure that the chosen partner will be a good fit and will be able to meet short- and long-term goals.

Agility is one of the most important assets in a security partner, as they must have the ability adapt and implement new technology and services in response to changing needs. Likewise, flexibility is important on the contractual side of things – particularly with the on-going uncertainty of the pandemic. Having a flexible contract that makes it easy to ramp up or scale back provisions as needed can make all the difference.

Finally, transparency and trust are key. Ideally an MSSP should operate as a true partner and adviser rather than as a transactional relationship. This means being honest and open about what is happening in the IT network and the wider security landscape, even if it might not be profitable to do so.

While public sector bodies on both a local and central level will continue to face serious cyber threats, the expertise of a trusted security partner can make all the difference in keeping secure.