How the UK public sector can bolster cybersecurity practices

Keith Glancey, director of technology Western Europe at Infoblox says the public sector can no longer view cybersecurity as an afterthought

Posted 5 January 2022 by Christine Horton

Cybersecurity has long presented a challenge for the UK’s public sector. Whether it’s hospitals, the police force or the government, the services that we rely on the most are often the ones that are increasingly under threat, especially during our ongoing pandemic. With the full effects of the emerging Omicron variant yet to be realised, the public sector is an especially high-value target for cybercriminals looking to cause havoc or score a quick payday.  

Yet, several high-profile incidents indicate that many of those in the sector are unprepared for what is around the corner. This year alone has seen school children being given laptops with malware on them and the Irish Health Service falling victim to a major ransomware attack. Just last month, the UK’s Labour Party became the latest in a long line of government organisations targeted, rendering a large number of its members’ and supporters’ data inaccessible and vulnerable. It’s clear that changes need to happen fast.  

In October the government’s Spending Review added more than £750 million to improve resilience and boost security practices. However, while this shows that the cybersecurity issue is no longer being taken lightly, there is still a long way to go. In order to be effective, this money – and any future investments – needs to be spent in the right places.   

Security is paramount

The pandemic forced many industries to transform the way that they operate, and public sector organisations are no exception. Employees that could were told to work from home. Meanwhile, the way that public sector organisations delivered many of their services to the general public moved online – whether it was doctors’ appointments or school classes.  

This new landscape, alongside advancements in cloud-based applications and services as well as the proliferation of IoT and other connected devices, has made public sector organisations harder to protect than ever. Suddenly, hundreds or even thousands of devices were connecting to the network, many from outside the network itself and its centralised suite of security tools, revealing new avenues of vulnerability that bad actors could exploit. 

Meanwhile, the data these devices are working with has become increasingly important and valuable. From cameras collecting traffic data to hospitals electronically recording patient data, local governments are collecting, transmitting, storing and analysing vast amounts of personal information about their constituents.  

Bad actors are aware of how important this information is and waiting in the wings to take advantage of any vulnerabilities. In fact, research from 2019 shows that nearly a fifth of UK public sector organisations reported over 1,000 cyberattacks the previous year, while more recent studies show that about 11 percent of all cybersecurity incidents involve the public sector. 

Whilst cybersecurity has traditionally been seen as a ‘nice to have’ by many of these organisations, it has swiftly and undeniably become a necessity. With the advent of hybrid working, our new borderless environment requires a strong approach. Security practices and strategies need to be baked into any network architecture and embedded into any project. There is very little room for mistakes.  

A new era in protection

With cybercriminals taking advantage of the chaos surrounding the pandemic, public sector organisations need to act now to implement the strategies and technologies that will enable them to protect both their employees and the general population moving forward. 

The first step is to implement a strong layer of foundational security, such as that provided by secure DDI (DNS, DHCP and IPAM) solutions. By augmenting visibility into network activities, no matter where devices are connected from, DDI can help public sector organisations to take back control. This type of technology can plug the gaps that other tools miss and ensure that network security is extended from the core to the edge.  

To add to this, 90 percent of malware touches DNS — the first D in DDI —when entering or leaving the network. This makes it a critical detection tool that can be used to pinpoint threats at the earliest stages and identify compromised machines. Ultimately, DDI enables IT teams at public sector organisations to quickly detect and fix any vulnerabilities, no matter where they originate. 

As the battle against COVID wages on, the public sector’s role is an important one. But, the sad truth is that cybercriminals don’t pause their activity because of a global pandemic. Instead, as the last year has evidenced, they take advantage of the chaos to target new victims and make a profit. No organisation is immune. Therefore, the public sector needs to shift away from its traditional view of cybersecurity as an afterthought. In our new landscape it needs to be priority number one and there needs to be a firm focus on improving and adapting systems in order to protect and defend the general population.