Government institutions require online applications to streamline processes, provide content and cut costs. The growth of online services and web-based content introduces new challenges to federal, state and local agencies that need to address issues like 24×7 access to critical applications to ensure end-user quality of experience (QoE) and protection of consumer records.
The public sector is targeted by an array of threat actors, from hackers and hacktivists to state-sponsored threats. According to Verizon’s 2019 Data Breach Investigations Report, the biggest threat to the public sector is state-sponsored cyberattacks. More than half of the incidents in the Verizon study were reported by public sector employees, with 330 incidents resulting in confirmed data disclosure. State-sponsored attacks, miscellaneous errors and privilege misuse represent 72% of public sector breaches, with espionage and financial gain reported as the two primary motives.
And according to Radware research, top government business concerns include availability/staying open for business, protecting sensitive data and lack of expertise and resources to manage complex protection.
Staying Open for Business
Government institutions depend on websites and online services. Their networks and applications must be available 24×7 to allow consumers to access resources, especially during critical time periods.
Because government institutions are dependent on their applications, it comes as no surprise that application vulnerabilities were identified as the top threat that IT managers are concerned about. Security and ease of use of applications must be on par with the standards set by applications such as Google, Amazon and Netflix.
Protecting Sensitive Data
Government institutions process and store large volumes of personal information. Verizon’s 2019 Data Breach Report indicates that “Cyber-espionage is rampant in the public sector, with state-affiliated actors accounting for 79% of all breaches involving external actors. Privilege misuse and error by insiders (employees) account for 30% of breaches.”
Based on Radware’s research, data leakage is the top business concern of government professionals when faced with a cyberattack, followed by service outages, reputation damage and revenue loss.
Government institutions continue to move applications and data to the public cloud. While this move transforms infrastructure operations, improves the user experience and reduces costs, there is less control and visibility to manage and secure applications hosted in cloud
Government data centers must adhere to numerous guidelines, including the Federal Risk and Authorization Management Program, International Traffic in Arms Regulations (ITAR) and Criminal Justice Information Services (CJIS). Institutions have to comply with evolving regulations and standards, such as Payment Card Industry (PCI) and General Data Protection Regulation (GDPR). Encryption protocols are required to secure transactions, but attacks using encryption are also a concern.
Lack of Expertise and Resources to Handle Complex Threats
Although keeping websites, data and the network secure is critical, it is becoming increasingly difficult because of the cybersecurity skills shortage and the increasing array of attack vectors. Government customers have three main concerns regarding managing security resources:
- Having the staff and tools to keep up with the volume of attacks and threats.
- Government agencies are adversely affected by the cybersecurity skills shortage because they have more difficulty attracting talent than the private sector.
- IT budgets are particularly tight in the government sector due to budget cuts and the need to show return on investment.
Finding the Right Solution
Government institutions face many operational and security challenges. The right solution to tackle these challenges should include the following:
- Application and malware protection.
- Encrypted traffic inspection.
- Behavioral-based hybrid attack mitigation service, combining on-premise detection and mitigation with cloud-based volumetric attack scrubbing.
- Keyless SSL attack protection.
- A WAF solution that uses a positive security model and machine learning algorithms to provide an adaptive defense against the OWASP Top 10 and other threats.
- Precise bot mitigation and management.