While there has been an increase in the awareness of the cybersecurity threat facing public sector organisations, there remains some confusion as to how best deal with it.
That’s according to Rob Batters, director of managed and technical services, at Northdoor plc, who says it is difficult for any organisation, public or private sector, to ensure that they are able to deal with the level of threats now facing them.
Upsurge in attacks
The public sector is facing an upsurge in the number of attacks it is facing from cybercriminals. A request found that UK councils had faced 2.3 million attacks by the middle of 2022. This equates to 10,000 cyberattacks every day – a huge number.
Most of these are phishing attacks, reflecting one of the biggest cyber challenges facing the public sector, said Batters.
“The sophistication associated with phishing attacks now makes malicious emails very hard to distinguish from genuine ones, meaning that more are getting through and impacting public sector organisations and potentially frontline services. This ‘Human Activated Risk’ as it is called is likely to increase over the next twelve months,” he explained.
Another, of the big threats facing the public sector, is from partners and supply chains.
“Cybercriminals will always look for the easiest route into an organisation and like the employee, third parties are increasingly seen as exactly that. 2022 saw an increase in the number of attacks originating with third parties or suppliers. This has been a real issue for both public and private sector organisations as it means any budget spent on their own defences is negated as you are essentially leaving the backdoor open,” said Batters.
Meanwhile, with budget cuts adding to already stretched finances, Batters warned against organisations cutting down on or not investing in is cybersecurity.
“Any such cuts could leave public sector organisations vulnerable at a time when the threat is greater than ever,” he said.
Four critical layers of cybersecurity
With the public sector now complex, inter-connected and full of highly sensitive data, Northdoor advocates for a holistic approach to cybersecurity. Clients include Salvation Army and Maidstone Tunbridge Wells NHS Trust.
The company provides cybersecurity-managed services across four critical layers that sit within most organisations. Batters explained:
The Core
“At an organisation’s core there needs to be a secure infrastructure in place. It needs to be located where you need it, on-premise, in the cloud or a hybrid of the two. By having the appropriate governance and compliance controls in place, organisations can ensure user can only access the data appropriate to their role, making it harder for cybercriminals to gain access to the most sensitive data.”
If you liked this content…
Securing Public Sector Supply Chains
UK critical services facing catastrophic ransomware attack
Fourteen schools hit by ransomware attacks with highly confidential documents taken
The £22 billion future of the UK’s cybersecurity: Insights for suppliers
The scramble to offer security: service providers see opportunity in COVID-19 landscape
The Inner Layer
“Protecting the inner layer should include the continuous monitoring of all endpoints, the immediate, ongoing detection and response to incidents, defence against Human Activated Risk, through anti-phishing and data leakage measures, as well as holistic view of all events and threats.”
The Edge
“The edge of a business is where internal systems meet the outside world. The edge should be continuously monitored and scanned for vulnerabilities. Defending the edge also means ensuring that you have a grip on what the latest threats look like and how your existing defences are performing.”
The Outer Layer
“With the threat from supply chains a very real one, having the ability to protect yourself from the vulnerabilities that lie within partners. Our solution RiskXchange uses AI solutions that can allow public sector organisations to gain a 360-degree view of the vulnerabilities within their partner’s networks. Once identified shutting it down before a cybercriminal takes advantage will be critical.”
Batters also maintained that a managed cyber service could provide reassurance for public sector organisations.
“Many public sector organisations lack the internal resources to deal with an ever-changing threat or, understandably, they would prefer to invest in delivering frontline services. Cybersecurity as a fully managed service can provide public sector organisations a team of experts on-hand to deal with cyber threats. This takes the pressure off of internal teams, solutions can be implemented and crucially, updated, and gives the organisation as a whole peace of mind as new threats can be identified and dealt with, giving them an enterprise-level cybersecurity function.”
Employee cybersecurity training
He also said one of the best steps that organisations can take is to ensure that there is regular training and updates for staff.
“Too often, cybersecurity training sessions happen annually and with the threat from cybercriminals changing in nature all of the time, any advice given at an annual training session can very quickly be out-of-date. By giving employees the tools to identify and deal with an increasingly sophisticated threat public sector organisations can help cut the number of successful hacks. Essentially, you are turning employees from the weakest link in your defences to a much stronger one,” he explained.
However, Batters noted that it is important that organisations do not overload employees with warnings.
“Too many solutions now send constant warnings and this has caused some ‘security fatigue’ leading to poor decision-making and an inability to distinguish between warnings that require immediate action and those that are less important. We have been working with organisations to implement solutions that only send an alert at the point of ‘danger’ allowing for real-time learning,” he said.
Northdoor holds both IBM Platinum Partner and Microsoft Gold Partner status and offers a range of cybersecurity solutions ranging from ransomware security protection and defence, cyber recovery and cyber resilience to email security and data masking.
