Cyber Security
A moving target is harder to cyberattack By their ‘connected’ nature all public sector organisations are cyberattack targets. But none have to be victims, writes Jonathan Lee, Director of Public Sector, Sophos As the world looks to bounce back from Threat surface change the global pandemic, the role of public To compound the problem, the threat surface services has never been so important. It’s has changed due to the increasing popularity of largely for this reason, and the sensitive hybrid working. Digitisation has also massively data that these services hold, that they’re accelerated since the start of the pandemic with becoming increasingly valuable targets cybersecurity unable to match the rapid for cybercriminals. In the Sophos pace of change that has been forced State of Ransomware in on organisations everywhere. Assume Government 2021 report, Security which wasn’t baked you wil 40 per cent of central in during the rush to get government and NDBP up to speed with the new hit. It’s b l be e organisations and 34 per digital benchmark now t t e r be prep to cent of local government has to be attended to a red and avoid a organisations were hit retrospectively, providing c by ransomware in the another unwelcome cost breach ostly security rather t last year. It’s a massive at a difficult time. ha the oth problem and a costly one Despite the cost of er way n too. The average bill for prevention, it’s crucial that round. putting things right after a the public sector recognizes ransomware attack, including this threat and puts the necessary downtime, labour, technology measures in place to protect itself. 21 and paid ransoms was £1.02 million per cent of those in central government and for central government and NDPB and £1.22 28 per cent in local government still believe they million for local government organisations. are not a target of ransomware.
Understanding the threat To successfully protect themselves, organisations have to be proactive rather than reactive, understanding the threats quickly and prioritizing the steps needed to be taken. That’s not as easy as it sounds with the nature of these threats changing all the time. Rather than viruses, malware and ransomware still existing in isolation, these threats have merged, leading to the emergence of Ransomware as a Service (RaaS). This new development gives criminals who lack the time or skill to develop their own ransomware the opportunity to buy it off the shelf and use it straight away. There is a real requirement for senior people who understand cybersecurity to be appointed on boards to champion the need for action. The NHS is typical in the sense that IT leaders have found it difficult to argue for funds to take proactive measures when there hasn’t been a high-profile attack like WannaCry for a while. Addressing the skills shortage The current skills shortage is a particular problem at a local level. In a recent survey within the public sector, over half of the respondents (54 per cent) admitted that cyberattacks have now become too advanced for their current IT team to deal with on their own. Smaller organisations tend not to have big teams or round-the-clock protection, and it doesn’t help that some of these have a false sense of security believing that an anti-ransomware tool will be up to the latest challenges. The fact is, even though advanced and automated technologies are essential elements of an effective anti-ransomware defence, preventing attacks also requires the constant attention of skilled professionals. Whether it’s E
Issue 29.3 | GOVERNMENT BUSINESS MAGAZINE
57