security

Data Security For Governments: Current Challenges And The Way Forward – Forbes


Founder, Buuuk – Digital Innovation.

Lately, cybercrimes have been at an all-time high in terms of both sophistication and number. In fact, it’s expected that it will incur $10.5 trillion in damages per year by 2025.

Governments routinely deal with sensitive information about their country and its citizens, putting them at high risk. How can they make sure their data is safe from such attempts when cybercriminals know the worth of sensitive information and how it can be used for their profit?

Current Challenges

What are the main challenges that governments face in becoming more cybercrime-resilient?

Lack Of Trained Personnel

Governments struggle to find ethical employees with cybercrime experience that work closely under the law. Low government salaries, an absence of defined career paths and complicated hiring procedures make it difficult to attract the best talent.

Employee Benefit News reports that 80% of data breaches happen in companies because their employees aren’t properly trained. Keeping underqualified personnel can put an organization at major risk.

Outdated Tech

Outdated technology systems—commonly referred to as “legacy systems”—present significant challenges for the government. These systems can be expensive to maintain and are often susceptible to cyberattacks.

Legacy systems are widespread in the government. A choice easier and more practical than replacing them entirely might be to find modern and secure technology that integrates them and makes them more usable than ever before.

The Way Forward

Here’s how governments can work to improve their cybersecurity.

Improve Infrastructure

According to Verizon, 80% of hacking attempts are connected to passwords. Relying solely on passwords for security has resulted in many organizations experiencing cyberattacks.

Readers Also Like:  AIST Tech Leak: Are Some Newspapers Better Aware than Others? - JAPAN Forward

Employing software that limits access to organization networks is a key step for governments to avoid such attacks. Two-factor authentication, biometrics and encryption are some of the components necessary in such solutions.

Implement Adaptable Authentication Methods

Phishing has been one of the most alarming forms of security breaches. Users are tricked into revealing important information.

Phishing attacks comprise 90% of security breaches in companies. Governments are tackling phishing attempts with multifactor authentication.

They also need to ensure that the authentication system used supports mobile interfaces and is made with mobile users in mind. As mobile users provide sensitive information through browsing and search history, they are at high risk of phishing attempts.

Also, many mobile users aren’t tech-savvy. Keeping the authentication process simple helps users most at risk of such attacks, like senior citizens, to be able to properly authenticate their devices.

Use Biometrics Cautiously

Biometrics are used for individual authorization, providing access and identifying individuals. The use of biometrics with digital devices has improved their security.

For example, biometrics such as fingerprint and facial recognition helps ensure that no one except the intended user can unlock the device. Also, biometric locking systems can be incorporated into individual apps, helping keep the content of a mobile phone or computer safe.

However, it’s important to know that biometrics are stored on a centralized system and can be hacked as well. So, biometrics are most useful as the first layer of protection in a multilayer authentication process.

Audit And Identify Shared Assets

Third-party attacks happen when cybercriminals enter your system through an outside partner, making third-party authorization a risky process. Third-party attacks saw a jump in 2021 by 17%.

Readers Also Like:  Adaptive security, sovereign cloud, hyperautomation top govt tech trends - IT Brief New Zealand

Because of this, governments should perform third-party audits and implement cybersecurity solutions built to identify all third-party user activity. In case of an attack, a map of activity generated through a third-party audit can help identify the source.

A shift to remote work after Covid-19 increased the number of opportunities for attackers. So, consider using a zero-trust approach in which every user is given specific access based on their individual needs. This helps the system stay safe from people who don’t need access.

Encrypt When Possible

Encryption allows the integrity of data to be maintained by turning simple text into an encrypted code language. Encrypted data isn’t understandable by humans—it can only be deciphered by computers and decryption tools.

Encrypting the mobile devices used by your employees to keep the data safe is another way to maintain security. Furthermore, remote and hybrid work arrangements have increased data security risks. Not allowing employees to use their personal emails at work helps keep data safe.

Creating A Culture Of Cybersecurity

Investments in cybersecurity technologies, training and awareness programs have skyrocketed. Training the staff to be cautious can help attack-proof your systems and prepare employees to handle breaches when they do occur.

Train Personnel

Training employees on password management and how to avoid phishing emails is one part of the solution. But preparing employees for the rising threat of cybercrime involves integrating safety into the structure of the organization. It’s important for governments to adopt a culture of cybersecurity at all levels: leadership, teams and individuals.

Make Cybersecurity A Part Of Employee Evaluations

To make sure employees are on the same page, government organizations can make it a practice to evaluate cybersecurity behaviors formally.

Readers Also Like:  Ransomware attacks on public sector persist in January - TechTarget

Conduct Cybercrime Drills

Government organizations can simulate what would happen in the event of a real breach and help employees realize the criticality of such threats.

Revisit Security Policies

There’s a need to have a zero-tolerance policy toward cybercrimes. This calls for policies and procedures to safeguard critical assets, detect breaches and respond to incidents in case of occurrence.

Government agencies can’t rely solely on the best security technology. As attacks become more sophisticated, they must also put strong policies in place that enable employees to detect, respond and recover from such attacks.

Cybersecurity Isn’t A Project But A Mindset

A cybercrime-resilient infrastructure and culture help reduce distraction, risk and damage. Becoming cybercrime resilient won’t prevent all data breaches, but it can reduce them to a great degree so your organization can focus on its mission instead of fighting cybercrimes.


Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?


Follow me on LinkedInCheck out my website



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.