State & Local Government
Cyber-attacks on government agencies are happening at an alarming rate. These attacks cost U.S. state and local governments millions of dollars in remediation and disrupt employee work and citizen services. Governments must be concerned about the loss of sensitive citizen, client and employee information, whether through a cyber event on a PC or unauthorized access to documents at the printer. According to a Verizon study, personal information is the top type of data lost in public sector breaches.The costs of such a breach can quickly escalate. One study estimates an organization will incur $2.2 million in costs for a data breach that involves less than 10,000 compromised records.
Several factors make government agencies easy targets. Budget constraints may require some agencies to use outdated computers that cannot support the security features needed to protect against current threats. Many agencies lack funding to develop, implement and manage robust security policies. And the mix of technologies in most government agencies make security management more challenging, which may inadvertently provide an opening for attacks.
A major source of security vulnerabilities lies in endpoints: the PC and Mobile device employees use to do the everyday work of government. Although an agency may not have full awareness of endpoint vulnerabilities, hackers certainly do. As one example, a county IT director noted an increase of more than 300 percent in endpoint attacks at agencies across Washington state.
A lack of control or inability to monitor endpoints creates significant security risks and may lead to:
Unauthorized people seeing sensitive information due to careless user actions
Cybercriminals stealing data or holding computer files for ransom or blackmail
An attack on critical agency systems through an endpoint’s network connection
Multiple factors contribute to these potential scenarios, but perhaps the most common is inadequate security settings and lack of proactive monitoring. Over time, infrequent monitoring and inconsistent installation of software patches can increase the risk of both PC, laptop and mobile devices.
The valuable data stored in PC memory or hard drives may be easily viewed or stolen unless strong security measures are in place. These measures include defining strong security policies at the agency level and educating users to consistently follow good security practices. When default security settings aren’t optimized, the device becomes a “weakest link,” giving hackers an easy entry point into the organization’s network. Sometimes it’s just a matter of incomplete endpoint awareness. When an agency has hundreds or thousands of PCs and devices to track, it can be hard to maintain up-to-date knowledge of all endpoints. One analysis found that a government organization typically doesn’t know about 12 percent of its network-connected endpoints. If the IT team doesn’t have visibility and control of an endpoint, it can’t be certain it is adequately secured. IT can address these vulnerabilities with a combination of security technology, policies and practices.
It’s easy to assume that a firewall application and anti-virus software are all that’s needed to secure a PC. Although these measures remain important, they cannot deliver full protection against today’s sophisticated attacks. Achieving this higher level of protection involves both best practices and technology tools. Best practices begin with basic measures such as requiring strong passwords and not allowing users to share accounts. Many governments are also choosing to adopt the extensive best practices in the U.S. National Institute of Standards and Technology (NIST) Cybersecurity Framework. As a supplement to cybersecurity practices, advanced security tools provide stronger protection than traditional tools for PC applications, data and network connections.