WITH October marking International Cybersecurity Awareness Month, Chris Buchanan, Client Solutions Director Dell Technologies South Africa argues that government needs to take cyber threats a lot more seriously.
Cyberattacks and disruptive events are on the eise, affecting 82% of organisations surveyed in the Dell Technologies Global Data Protection Index 2020 Snapshot. These organisations included both public and private organisations.
National and local government leaders need to take these issues seriously. While organisations across sub-Saharan Africa are increasingly leveraging multiple cloud deployments to achieve digital transformation, data could be at risk and the need for a clear and defined cybersecurity strategy becomes clear.
Ultimately data is the target in ransomware attacks. According to a study conducted by World Wide Worx, titled “Cloud in Africa 2020”, respondents were asked about the main security concerns they perceived to exist in cloud technology.
Nearly two thirds (63%) of respondents reported data security and the possibility of a data breach to be the main concern.
An investment in the right technology and careful execution of cyber procedures will immediately transform the security posture of national and local government bodies. The timing of an attack is hard to pre-empt, so government needs to be prepared should this happen.
Develop a cyber playbook
Like agencies that have preparedness plans to protect and respond to natural disasters, cybersecurity teams also need to plan in advance for cyber incidents, this should include the development of playbooks with varying scenarios. Flexibility matters because as an organisation’s goals change, so do the risks.
Train, train and train again
Having government institutions in place and on high alert doesn’t ensure citizen data will be protected. One important scenario to consider is when data or a system becomes unavailable or corrupted. This is where developing a system backup plan comes in, to know how long an organisation can operate through an outage, and how to transition to paper logs if necessary.
Security teams should always utilise opportunities for continual training. When a new member joins the team, use the onboarding process to reintroduce exercises and best practices to the whole team.
Leaders should also leverage creative methods—including team events and gaming-based training, such as capture the flag and software that simulates attacks—to facilitate greater participation and learning.
These scenarios should include best-case and worst-case outcomes of an attack. Awareness training is also key for teams to be able to identify and respond correctly to suspicious activity within networks.
Audit (and supplement) personnel
Cyber leaders should continually audit organisational roles to determine specific strengths and weaknesses within their teams to assess their stance on risk management.
The need for cyber talent is clear – The lack of cyber personnel and resources are undeniable globally and South Africa often loses skilled cybersecurity professionals to other global players, just making the gap bigger.
A successful way to bridge this gap is through a hybrid managed service model, which includes a combination of civil servants and support agreements with private sector companies that help augment resources to respond quickly in the face of cyber incidents.
Proper cyber hygiene
Cyber hygiene isn’t a one-off exercise or something that is observed during International Cybersecurity Awareness Month, once a year in October — It’s a consistent mindset that encompasses all parts of our life and a continual journey.
As governments reinvent the ways they operate and interface with constituents, they must also empower employees through a workforce transformation to meet the growing security expectations of the 21st century. This needs to be a year-round effort, with substantial, calculated investments in employees through awareness campaigns.
Cyber hygiene and culture begin at home. It’s important government organisations and employees educate using phishing exercises and cyber literacy, helping understand the possible negative consequences both at home and in the workplace.
Invest in infrastructure with built-in security
Government organisations struggle to protect the numerous endpoints that fall outside of the traditional security reach of the organisation. As the number of tools and cloud-based systems increases, the volume of generated data also rises, expanding IT infrastructure beyond data centres, making it harder to protect against threats.
It’s vital then for governments to invest in a secure, flexible infrastructure from the beginning, extending from edge to core to cloud. Doing so will allow them to focus on continually improving citizen experience without having to worry about the disruption of layering security on top.
The road ahead
An investment in a comprehensive security approach saves invaluable time and resources, but also preserves public trust. For example, if citizens can’t trust an online portal to conduct business with the government, they may all show up in person, disrupting service and organisational processes, or perhaps worse, their needs may go unmet.
Fighting ransomware is an iterative process that measures progress. Government bodies should tailor these efforts to make the most significant impact within organisation and meet with their business peers to re-assess risk and adjust the course of the cybersecurity program accordingly. – GeekWire.co.za