Information Security Buzz

Why The Public Sector Needs To Address Its Cyber Debt

By Daniel Lattimer | September 30, 2022 | Updated: December 9, 2022 | 4 Mins Read

Since the start of the pandemic, the term hybrid working has gone from a buzzword to a way of life. This change has seen the demand for online services, especially citizen services, become higher than ever. Given the public sector’s reputation as a slow-moving industry, it’s no surprise it has a lot of catching up to do to meet this demand.

Positively, though, the UK government unveiled its long-awaited strategy earlier this year to improve digital public services. The Digital, Data and Technology (DDaT) capability framework was the latest in a set of policies aimed at making the UK ‘digital by default’. It aims to harness ‘digital to build and deliver services’, but is this framework the turning point the industry needs to move forward digitally?

Modernising to catch up

Legacy systems are rife in the UK public sector. Most, due to their age and design, lack both interoperability and scalability, making it difficult for them to manage workloads. With these struggles existing pre-Covid, the impact of the pandemic put even greater pressure on service continuity, with organisations compelled to quickly create hybrid working solutions as the nation went into lockdown.

Positively, departments in the public sector adapted quickly to these new ways of working. Many did so more smoothly than expected, displaying agility and resilience. This shift was enabled by the use of technology, with services, for example, swiftly moved to the cloud in accordance with general government strategy.

The policies laid out by the UK government are a positive step in the public sector’s move towards improving digital citizen services. However, while many organisations have pushed ahead with adopting these new digital models, many haven’t given cybersecurity the same priority as digital improvement. As a result, security flaws have appeared, leaving systems exposed and potentially vulnerable to attack.

The ramifications of a cyber attack on the public sector are potentially huge. Prevention is key, especially with implications such as downed healthcare services – which happened as a result of the WannaCry ransomware – or the compromise of other public services, such as councils, law enforcement, or education.

While the public sector has already seen the transformational power of applying the right DDaT strategies, their use has highlighted a number of systemic flaws. For example, when security is not incorporated from the beginning of a project, cyber debt results. This usually happens because the investments made to promote operations and growth have outrun the security measures which should have been in place, meaning organisations have to continually catch up. Such issues are prevented by doing things correctly the first time and ensuring that security is taken into consideration throughout the implementation of new systems.

The cyber arms race

There is an arms race in cybersecurity. Organisations and their opponents – threat actors – are fighting against each other with the aim of coming out on top. Threat actors are driven, quick, and technologically advanced, and cyber attacks are becoming more sophisticated, with the ability to cause significant damage to the networks, data, and services the country depends on. As a result, the threat landscape is continuously evolving.

Attackers use methods which work, and usually try to breach organisations by looking for flaws in privileged accounts. In fact, according to Forrester research, privileged access abuse accounts for 80% of breaches.

There are typically four steps involved in breaches. An attacker will initially try to get access to privileged identities without authorisation. Once this has been established, they will move laterally and vertically through the network looking for high-value targets. Then they move on to using privileges at a higher level to accomplish what they are there for, which could be data theft, intellectual property theft, or service interruption.

The future of digital innovation

It has become clear that cutting-edge technologies have been key to the change we have witnessed, and are still witnessing, at all levels of the public sector. But, while the race to protect against malicious actors continues, vigilance must be at the forefront of digital innovation within the public sector.

Cybersecurity must be a primary component of every significant IT or digital programme, and it must be there from the start. If transformation is to be beneficial in the long term, and public services are to continue running safely for the general public, cyber debt needs to be reconciled.


Daniel Lattimer, Director Government & Defence, EMEA at CyberArk

The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
