Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

How Public Sector Organizations Can Overcome Today’s Cyber Risks

Dr. Larry Ponemon and Tenable’s Stephen Smith discuss the cybersecurity challenges revealed in a recent study of cybersecurity in the public sector, and provide three tips for closing the Cyber Exposure gap. 

It’s not easy to be a cybersecurity professional in the public sector these days.

While government agencies each face many of the same daily security risks as their private sector counterparts, public sector organizations have a unique set of challenges when it comes to cybersecurity. Among the issues facing public sector organizations are:

  • Lack of visibility into the entire attack surface
  • Limited technical resources and support
  • Heavy reliance on manual processes to close the Cyber Exposure gap

Stephen Smith, Tenable’s Manager of State and Local Business Development, discussed these and other public sector cybersecurity challenges in a recent Tenable webinar featuring Dr. Larry Ponemon, Chairman and Founder of Ponemon Institute. 

During the webinar, the pair explored the findings outlined in the report, “Cybersecurity in Public Sector.” Commissioned by Tenable, the report was developed by Ponemon Institute, based on survey responses from 244 public sector infosec professionals from the United States, United Kingdom, Germany, Australia, Mexico and Japan. It highlights five key takeaways for public sector CISOs and their cybersecurity teams:

  1. Cyberattacks in the public sector are relentless. 
  2. Preventing attacks against IoT and operational technology (OT) infrastructure is a top priority for 2019.
  3. Public sector cybersecurity teams face fundamental challenges managing cyber risk.
  4. To help mitigate cyberattacks, new approaches for measuring cyber risks are needed.
  5. Smarter prioritization of vulnerabilities is key to staying ahead of cyberattackers.

Cybersecurity Priorities in the Public Sector

Smith and Ponemon delved into the details on each of these five critical points and discussed what they reveal about the current state of cybersecurity in the public sector.

Cyberattacks in the public sector are relentless

The vast majority of organizations surveyed for the Ponemon report (88 percent) said they have sustained at least one damaging cyberattack over the last two years. In fact, 62 percent of respondents reported their agencies have sustained two or more damaging cyberattacks in the last 24 months. Many of the incidents have caused data breaches resulting in disruption and downtime, including the loss of day-to-day operations and equipment malfunctions.

Preventing attacks against IoT and OT infrastructure is a top priority for 2019

Nearly two thirds of respondents (65 percent) said they are most concerned about the possibility of attacks involving IoT or OT assets this year. As in the private sector, public sector cybersecurity professionals are now taking more responsibility for OT security as well as IT security, which means they are responsible for an ever-expanding attack surface. 

Another 61 percent of respondents said they are worried about the downtime to plants or equipment that would result from an attack against OT infrastructure.

A third of respondents (33 percent) are also concerned about the possibility of an employee falling for a phishing email. This concern is understandable, given that 56 respondents reported at least one such incident resulting in credential theft during the previous two years.

Despite the fact that phishing remains a top concern, Smith said public sector CISOs have made great strides in actually reducing the number of phishing attacks within their organizations. “We get a chance to...talk to a lot of public sector organizations and we participate in several councils, including one with the National Governors Association, and this topic was a significant topic in all of those conversations last year,” said Smith. “Now, what you are starting to see is organizations actually taking pride in the degree which they have reduced successful phishing attacks in their organizations.”

Public sector cybersecurity teams face fundamental challenges managing cyber risk

Only 23 percent of survey respondents report having sufficient visibility into their organization’s attack surface. This should come as no surprise, since 62 percent of respondents also say they lack adequate staffing to scan for vulnerabilities in a timely manner. 

New approaches for measuring and mitigating cyber risks are needed

The Ponemon data make clear that traditional key performance indicators (KPIs) are not adequate to provide an accurate picture of the cyber risks facing public sector organizations today. In fact, only 40 percent of respondents said they even attempt to quantify the impact that common cybersecurity incidents could have on their organizations.

And even if they could improve their ability to measure business impact, there’s little consensus on what, exactly, they would choose to measure. Of those respondents who are currently attempting to quantify business impact, 50 percent attempt to quantify the cost of OT-system downtime. The frequency of unpatched — but known — vulnerabilities is tracked by 46 percent of these respondents. 

Smarter prioritization of vulnerabilities is key to staying ahead of cyberattackers

Nearly a third (63 percent) of respondents report wanting to improve their ability to keep up with the sophistication and stealth of attackers. However, 44 percent say they currently prioritize threats based on the ease of remediation. A better way for CISOs to prioritize, according to the data, is to take a harder look at those threats that pose the greatest risk. Not all vulnerabilities need to be patched right away if they don’t present an immediate threat to the network.

Closing the Cyber Exposure gap to strengthen public sector cybersecurity

What Smith suggested, and what the Ponemon research supports, is a holistic approach to public sector security so that CISOs and their organizations can prioritize their needs at a time when adding more people and more resources is not possible.

Smith and Ponemon offered three tips public sector cybersecurity professionals can use to help close their Cyber Exposure gaps: 

  1. Look for ways to improve your vulnerability prioritization. Tenable researchers reported over 16,500 were disclosed in 2018 — most of which were high or critical severity. Yet, only a small fraction of those vulnerabilities are being actively exploited. By using new technology and techniques, e.g.,data science and machine learning, public sector cybersecurity pros can more effectively prioritize vulnerability remediation to focus on those vulns posing the greatest risk of exploitation.
  2. Make use of passive monitoring, especially for OT assets. While most organizations and their security teams would like to actively scan their entire environment, when it comes to OT, they’re deterred from doing so because active scanning can cause service interruptions by knocking business-critical systems offline. Instead, Smith recommended passive monitoring, which provides much-needed visibility into OT environments without disrupting sensitive systems.
  3. Implement continuous asset discovery and vulnerability assessment. Adding or removing computing assets can change overall security posture. Since remediation must often occur during small windows of downtime, the most complete and current data regarding vulnerabilities and their predicted risks is critical, which is why Tenable recommends making continuous monitoring a top priority.

Learn more:

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,275.00

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 60 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578.00

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 60 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.