Intelligent CIO Logo
Enterprise SecurityIndustry ExpertInsightsIntelligent TechnologyTop Stories

Cyber resilience: A strategy the public sector can’t afford to overlook

Cyber resilience: A strategy the public sector can’t afford to overlook

Thomas Mangwiro, Business Development, Public Sector, Mimecast, says public services are getting smarter and more connected.

Public services are getting smarter and more connected. However, Thomas Mangwiro, Business Development, Public Sector, Mimecast, says these innovations need to be matched with a new defensive strategy.

Thomas Mangwiro, from Mimecast.

Public services are getting smarter and more connected, but these innovations need to be matched with a new defensive strategy.

The opportunity to wreak cyber havoc against transport infrastructure, health services and citizens’ personal data has been so dangerous.

In 2017, WannaCry struck a number of organisations across the world, including National Health Service hospitals in England and Scotland. This not only compromised personal patient information, but also gave hackers potential access to 70, 000 devices, including computers, MRI scanners, theatre equipment and more.

Governments all over the world are working towards implementing Smart Cities, where investment in cloud, analytics and intelligent infrastructure can help optimise public services. In Africa, for instance, Kenya’s government is planning to construct Konza Technology City – a large high-tech hub of information that will be built outside the capital of Nairobi.

South Africa’s public sector is also embracing innovation and technological evolution. While plans to make the major metros ‘smart’ are only at the beginning stages of implementation, the necessary steps are being taken by many of the country’s governmental departments to start their digital transformation journey.

The cloud has been a major driver in this shift, as it holds the power of convenient, fast and reliable collaboration and information-sharing. In fact, it’s not too far-fetched to think that soon most, if not all, organisations in every public sector in Africa will be fully reliant on cloud services like Office 365, to function effectively and meet the increasing demands of the communities they serve. Cybersecurity, therefore, should be a high priority for every CIO in a public service-related industry, and here’s why.

Challenges facing the public sector

File cabinets and archaic IT infrastructures are becoming obsolete and citizens’ data is now being stored in the cloud. This way, government employees can access and share information, make more informed decisions and offer improved, personalised services quicker. Certain departments, however, hold data that is extra-lucrative for cyber criminals – even more so than credit card numbers. Take hospitals for example. Passwords and banking details can be changed, but personal data pertaining to allergies, ailments and mental health? That information is highly private and seldom changes, making medical data especially enticing and highly targeted by criminals.

Employees in certain departments – organisational insiders – have access to sensitive records. If these individuals have malicious intent, they can misuse the data. It’s possible for them to ‘leak’ the information of a prominent member of society, like a CEO or celebrity, to a third party for their own personal gain, to tarnish a reputation, or both. This will have huge implications when the Protection of Personal Information Act (POPIA) comes into effect, as any department not complying and keeping personal information safe, will face repercussions.

Additional public service concerns 

Having private data accessed and exploited is definitely cause for concern, but when lives are on the line, as was the case with the WannaCry incident, it’s clear that public sector organisations need to ensure that they put necessary emphasis on protecting the information they handle. The health industry is just one example. There are educational, transit and numerous other organisations that need protecting too.

Think about any governmental department that verifies the identity of every individual in the country. Now, imagine it suffers a devastating attack and consequently loses the stored data of millions of citizens. People’s records would be wiped, meaning they would ‘not exist’ and identity theft would run rampant while the department attempted to get the situation under control. There’s also the massive issue of services being halted as a result of the attack. The inability to process documents along the lines of birth, marriage and death certificates, for instance, would bottleneck an already very busy system.

A clear call for cyber resilience

What every public service needs to do to avoid any potential disasters is adopt a cyber resilience strategy. To be clear, this is not the same as cybersecurity. Security focuses purely on protection, whereas resilience is about assuring the ability to recover and continue with business as usual. Cyber resilience includes measures of prevention, but it differs to cybersecurity in that it also helps avoid data loss and downtime. Organisations need to be able to quickly get things back into an acceptable state of operation in the event that a breach or hack does actually occur.

What’s worrying is that many organisations do not have a cyber resilience plan in place. According to a Vanson Bourne and Mimecast study, only 23% of surveyed businesses and organisations in South Africa for example currently have a cyber resilience strategy. Even more worrying is that only 53% of the respondents were completely confident that they would be able to restore all important files in the event of an email-borne ransomware attack. These statistics are not necessarily indicative of what’s going on in the public sector, but it is safe to assume that there are departments not fully protected, nor capable of resuming service in a speedy manner.

Cyber resilience for email is key

With the cybersecurity landscape as perilous as it is, where does a public service organisation even begin to focus its attention when it comes to a cyber resilience strategy? It starts with something simple – email, the number one communication channel used by most, if not all, organisations in Africa.

Email, unfortunately, is also an equally popular medium for cybercriminals to launch their attacks and that’s why defending it should be an imperative for every organisation. Internal training of the workforce goes a long way to prevent breaches from happening, but it’s still not enough. According to a study by Friedrich-Alexander University, 78% of people claim to be aware of the risks of unknown links in emails and yet they click anyway.

Couple that with the fact that hackers are constantly evolving and finding new, imaginative ways to dupe their victims and it suddenly seems like no organisation is safe. How can they be, when there are so many external, and even internal, variables to keep in mind?

Ensuring public services continue to run

So, how can organisations ensure they minimise the impact when an attack is successful? The solution lies in a layered approach that covers all email and data security bases and encompasses advanced security, archiving and continuity.

Breaches often lead to downtime, leaving employees unable to access everyday tools, like Microsoft Outlook, G Suite by Google Cloud, Micro Focus or Lotus. In the public sector, this halts the delivery of vital services, which can have disastrous consequences. Hence, it is essential to have a continuity service in place to ensure a quick, seamless switch to an available service should downtime due to a cyberattack occur.

Another essential ingredient in any cyber resilience strategy is a cloud-based archiving solution. Hosting all email and data with a single vendor, like Office 365, raises important questions about data assurance. Organisations need to consider the possibility of data loss or corruption after a cyberattack or technical failure. But as the Vanson Bourne and Mimecast research indicates, many organisations aren’t currently able to restore this data.

A service like the Mimecast Cloud Archive can help mitigate that risk, by creating a digital corporate memory and allowing email to be restored on demand. This dramatically decreases the risk of data loss or corruption after a cyberattack, human error or technical failure. Public service departments can breathe easy knowing that their sensitive data is fully encrypted and is always available, always replicated and always safe in the cloud.

What makes the transition to a multipurpose archiving solution of this nature easy is the fact that it lives entirely online. This eliminates the need to overhaul or implement expensive infrastructure onsite. It also allows for quicker adoption and implementation, minimising and even eliminating any sort of downtime. Moreover, the Mimecast Cloud Archive works synonymously with the applications most organisations are already using, like Microsoft Office 365, Exchange and Google G Suite.

Make the smart move

According to an international study on the cost of cybercrime, surveyed public sector organisations experienced 53 attacks on average per week during 2017. That figure is only going to get worse in 2018 and beyond – if no measures are put in place.

Adopting a cyber resilience strategy is therefore an essential consideration that every CIO in the public sector should make. Their organisations are high-value targets and because society relies on them for essential services, they should do everything in their power to ensure data and networks are always kept safe, yet also always available and running to serve their citizens.