As cyberthreats escalate, government agencies around the world need to take action to mitigate the risk to their data.
In the wake of heightened global cybersecurity tensions, government agencies are increasingly looking to fortify their cybersecurity preparedness to protect against malicious attacks. Cyberattacks have evolved from a mere inconvenience into a crime with potentially global catastrophic implications. The world’s reliance on cyber infrastructure means that the importance of national and global cybersecurity cannot be understated.
Luckily, we are starting to see global organizations and governments increase their focus on protection against cyberthreats. In early 2018, the World Economic Forum (WEF) announced a new Global Center for Cybersecurity in an effort to safeguard the world from hackers and protect against rogue nation-states. The goal of the center is to create a safe and secure global cyberspace, allowing collaboration between governments, businesses, experts, and law enforcement agencies for protection against cybersecurity attacks.
While it’s immensely important for organizations such as WEF to focus their efforts on these sorts of global initiatives, it’s also critical for local organizations and governments to do their part to protect their infrastructure and citizens.
As cybersecurity becomes a global issue, it will be key for governments and government agencies to implement the right tools and processes to protect themselves and their citizens from potentially devastating threats. This slideshow investigates key ways that governments, government agencies, and organizations should prepare to lessen the impact of an attack.
Nick Bilogorskiy drives cybersecurity strategy at Juniper Networks. As a founding member at Cyphort, which was recently acquired by Juniper Networks, Bilogorskiy created and led the Cyphort Labs Threat Research team and played a critical role designing Cyphort’s malware detection logic and product user experience. Prior to Cyphort, Bilogorskiy was Chief Malware Expert at Facebook and also held security research leadership positions at Fortinet and Sonicwall.
Prepare an incident response plan
As they say, the best offense is a good defense; by preparing for the inevitability of an attack, organizations can significantly help themselves if and when the attack occurs. Incident response plans outline what to do in the event of a breach, including specific tactics and roles for everyone involved. For government entities that hold enormous amounts of highly sensitive data, knowing exactly what the most crucial data is, where it can be found, and how it can be protected in the event of an attack goes a long way towards maintaining effective security. Time is of the essence, so the more prepared they are ahead of time, the better they can recover.
It’s also not enough to put some policies in place and never revisit them. As the threat landscape continually evolves, so too should the incident response plan. Learning lessons from past events and doing the absolute best to think like a hacker will go a long towards ensuring an incident response plan is up to snuff.
(Image: Natasa Adzic/Shutterstock)
Invest in redundancy around all mission-critical services
When a major cyberattack occurs, it’s likely that mission-critical services will be the most heavily targeted and affected. Adding redundant network infrastructure, such as standby switches and routers, can ensure the network isn’t completely unavailable in the event that the initial path is compromised. All too often, governments have legacy infrastructure that may or may not work well with the latest and greatest technology. For this reason, it’s even more critical to ensure that there is additional back-up infrastructure available in the event that the first option is compromised. Alternate network equipment is especially vital for maintaining network availability in case a government is hit by a distributed denial-of-service cyberattack.
Think like a hacker
Part of preparing for an attack means playing out all of the worst-case scenarios. This can require teams to think and act like a hacker, identifying all possible vulnerabilities by targeting their own infrastructure. All organizations are at risk, but given the current worldwide political climate, governments can be virtually assured that they will be targeted at some point if they haven't been already. Various tactics can include regular breach drills or red-team exercises, as well as pen-testing and risk assessment. Each of these activities allow organizations to know where their weak spots are to better address their vulnerabilities before the hackers get to them.
People are your best investment
There is no shortage of concern about the lack of skilled security personnel currently available to support organizations with their security needs. By 2021, an estimated 3.5 million cybersecurity jobs will be unfilled, up from 1 million in 2017. That means it’s even more crucial to invest in cybersecurity talent, recognizing the potential shortage and importance of skilled employees.
In a thin market, governments and government agencies should also realize the competition they face from the private sector, particularly as global technology organizations continue to entice top talent with high salaries and other benefits. Having a strong team of security professionals in place can significantly minimize the amount of time it takes to respond to a threat, so investing in a strong security team is one of the best approaches that organizations can take.
(Image: The Digital Artist/Pixabay)
Big-data analytics can help automate and simplify cybersecurity incident response while also compensate for the talent gap. When used effectively, analytics can increase detection accuracy and provide security professionals with better data with which to make decisions, lessening the time to response. In addition, analytics technologies can continually collect, correlate, and understand data from multiple sources while learning new threat behavior and automatically working with security tools to contain threats. These automated functions allow security professionals to rapidly respond to threats, getting the most relevant information in a timely manner and minimizing the manual labor of identifying the threat.