The looming threat of cyber security debt in the public sector

As society continues to operate in a hybrid world, the demand for online citizen services is higher than ever.

Unsurprisingly, the public sector has a lot of catching up to do. Earlier this year, the UK government unveiled its long-awaited strategy to improve digital public services.

The Digital, Data and Technology (DDaT) capability framework was the latest in a set of policies aimed at making the UK ‘digital by default’. By ‘harnessing digital to build and deliver services’, this set of strategies is meant to ‘transform the relationship between citizen and state’. But how effective will it really be?

Thrown into the deep end

Legacy systems in the UK public sector, many of which lack interoperability and scalability, were already having difficulty managing workloads – most of which they were never intended to handle – before COVID-19. Early in 2020, as the impact of the crisis started to be realised, several challenges came into focus due to the need to maintain service continuity. Organisations were compelled to quickly create home/hybrid working solutions as the nation went into lockdown.

Departments in the public sector adapted quickly to these new ways of working, many more smoothly than expected, displaying levels of agility and resilience. Technology had a significant impact on how this shift was made. Services were swiftly moved to the cloud in accordance with general government strategy.

The brewing storm…

Organisations in the public sector, though, have been pushing ahead with trying to swiftly adopt new digital models without giving cybersecurity the same priority. As a result, security flaws have appeared, leaving systems exposed and potentially open to attack.

The public sector has already seen the transformational power of applying the right DDaT strategies. Their use has, however, highlighted a number of systemic flaws. When security is not incorporated from the beginning of a project, cyber debt results because investments made to promote operations and growth have outrun the security measures which should have been in place. In turn, organisations end up having to continually catch up. Such issues are prevented by doing things correctly the first time. When implementing new systems, security must constantly be taken into consideration.

…and the underlying currents

There is a race to the top in cybersecurity. Opponents are driven, quick, and technologically advanced. Cyber attacks are becoming more sophisticated and have the ability to cause significant damage to the networks, data, and services the country depends on. As hostile actors continue to look for vulnerabilities, the threat landscape is continuously evolving and changing.

Even though no two IT environments are the same, attackers usually try to breach security by looking for flaws in privileged accounts. According to Forrester research, privileged access abuse accounts for 80% of breaches. There are typically four steps involved in breaches. An attacker will initially try to get access to privileged identities without authorisation. Once this has been established, they will move laterally and vertically through the network looking for high-value targets before using privileges at a higher level to accomplish their objectives, which may include data theft, intellectual property theft, or service interruption.

Unquestionably, cutting-edge technologies are at the heart of the change we are witnessing at all levels of government. But the world we live in is unpredictable. The need for vigilance must be at the forefront of digital leaders' minds throughout the public sector. This is especially important as the threat is continuously growing and as those who do harm seek to reap benefits from technological advancement.

Cybersecurity must be a primary component of every significant IT or digital programme and not just an afterthought if transformation is to be fully beneficial over the long term. Given that public services are the backbone of every country, this cyber debt needs to be reconciled before it is too late.

About the Author

Dan Lattimer is Director Government & Defence, EMEA at CyberArk. CyberArk is the global leader in Identity Security. Centered on privileged access management, CyberArk provides the most comprehensive security offering for any identity – human or machine – across business applications, distributed workforces, hybrid cloud workloads and throughout the DevOps lifecycle. The world’s leading organizations trust CyberArk to help secure their most critical assets.

Featured image: Adobe Stock