As bad actors evolve their strategies for attack, government too must continue to course correct.
In the last several surveys of state, county and city tech leaders by the Center for Digital Government,* cybersecurity ranks No. 1 on the list of priorities. A growing number of localities have dedicated IT security staff, and an overwhelming majority say they’ll need more cybertalent in the future.
It’s hardly surprising. Our “Setting the Cyber Scene” infographic is filled with stats that justify the importance of adequate resources directed toward cybersecurity. For example, research firm Cybersecurity Ventures estimates that by 2021, damage from cybercrime will reach $6 trillion.
To help get ahead of the threat, one strategy gaining traction in both the public and private sectors is a robust cybersecurity training program for staff. “Humans are still the No. 1 attack vector, the No. 1 target and they have to be the first line of defense,” said Missouri’s then-Chief Information Security Officer Michael Roling.
Training takes many forms — numerous vendors now offer a variety of options to fit the needs and the budget of government clients. And while most have made significant headway arming employees with cyberknowledge, some say that they’ve hit an awareness threshold they can’t get past. Human nature, and the various stressors weighing on an employee on any given day, mean that even those who know better will sometimes click on that link, open that attachment or offer up credentials on an insecure network. Our story “Solving Cybersecurity’s People Problem” examines the benefits and limitations of cybertraining, and looks at what comprises an effective, comprehensive approach.
In “New Trends Take Off in the Cybermarket,” we look at the evolution of the technology driving cyberdefense and the market that has grown up around it. Like the tech industry in general, cybersecurity is evolving from manual and hardware-dominated to more automated and software-driven strategies. The steady migration toward the cloud over the past decade has helped many in government manage their security posture more easily, though these gains are tempered by environments that include aging legacy systems requiring manual updates — taxing a workforce that is far from recovered to pre-recession levels. Artificial intelligence is also playing a growing role in cybersecurity, yet it too has its limitations. Experts largely view AI as something that can enhance traditional threat analytics tools, rather than replace them.
Earlier this year, Atlanta suffered the most far-reaching ransomware attack to hit an American city, knocking both internal and citizen-facing systems offline for weeks. While the city reports that the recovery is largely complete, costs now dwarf the original bitcoin demand of $51,000. For our story “What Can We Learn from Atlanta?” we talk to city officials, partners and outside experts who put the incident, and the evolution of the ransomware threat, in proper context.
Our hope in taking a deep dive into stories like this one about Atlanta is to help other jurisdictions find the lessons from the attack that can move them toward more secure, resilient IT infrastructure. Threats like ransomware are only growing in sophistication. Kevin Haley, Symantec’s director of product management for security technology and response, said criminals trading in ransomware in 2018 are highly skilled.
“I think many of us just think that sort of thing is just not going to happen to us,” Haley said. “You may be one of the lucky ones, but it’s less and less likely that you’re going to be one of the lucky ones every day.”
Better not to bank on being lucky.
*The Center for Digital Government is part of e.Republic, Government Technology's parent company.