A string of recent major security incidents ranging from WannaCry to Petya have once again elevated the global government security policy conversation regarding ransomware and other types of malicious cyberattacks.
Ukraine’s national bank, state power distributor and largest airport were among recent targets, but significant business impacts were felt all over the U.S. and western Europe as well. In one instance, a cyberattack on Princeton Community Hospital’s computer network in West Virginia led officials to replace the entire computer system. Staff went back to using paper forms until the new system was installed.
These incidents and attacks raise questions such as: What proactive security measures can organizations take to ensure they’re giving security and privacy the attention required? What government security policy and specific actions are needed to adequately address these emerging cyberthreats? And finally, what security best practices should government leaders and staff be aware of in order to balance the need for productivity and security?
Creating a Sustainable Framework
The National Institute of Standards & Technology (NIST) issued a draft update to the Cybersecurity Framework in January of this year, after the initial Framework was released in February 2014. After comments are incorporated, an updated version of the Framework is expected to be released later this year.
Nevertheless, the core cyber best practices for both the public and private sectors are expected to remain consistent, and a presidential executive order reaffirmed this approach. The cyber directive, which was released in May, stated “Cybersecurity risk management comprises the full range of activities undertaken to protect IT and data from unauthorized access and other cyberthreats, to maintain awareness of cyberthreats, to detect anomalies and incidents adversely affecting IT and data, and to mitigate the impact of, respond to, and recover from incidents.”
Further, “Effective risk management involves more than just protecting IT and data currently in place. It also requires planning so that maintenance, improvements, and modernization occur in a coordinated way and with appropriate regularity.”
Security Best Practices
A large number of sophisticated attacks against government agencies has led to cybersecurity being identified as a critical focus area within government. While preliminary agency risk management reports from across the federal government are due this month and in August as a result of the executive order, all levels of government need to be conducting similar security reviews to prepare for appropriate cyber action. The necessary steps include:
- Assessing citizen and employee data held by the government for the level of privacy and security. Many call this a data inventory project, which includes classifying data in your internal and external clouds and managing mobile devices. It should be noted that NIST has recently raised the visibility of privacy risk assessments equal to that of cybersecurity reviews.
- A determination regarding your government resilience against botnets and other automated, distributed threats. What vulnerabilities are in place and are they being remediated?
- Ensuring that your government security policy supports the growth and sustainment of a workforce that is skilled in cybersecurity and related fields as the foundation for achieving our government objectives in cyberspace. This includes training for end users and specific steps that employees can take in managing sensitive government data on their mobile devices and in complying with appropriate government security policies.
There is a growing recognition of the need for the public and private sectors to come together and ensure that technology, processes and employees work together to keep systems safe and data protected. Enterprises need to be equipping system administrators and end users with the right tools for managing mobile devices with the needed security protections for enforcing and enabling appropriate government security policy. This includes data backups, resiliency and quick response to security incidents when they do arise.
In conclusion, citizen trust in government can be improved by ensuring that cybersecurity policy promotes an open, interoperable, reliable and secure internet that fosters efficiency, innovation, communication and economic prosperity, while respecting privacy and guarding against disruption, fraud and theft.
Our government technology solutions are ready to assist government agencies with their digital transformation efforts.