(Part II of our cybersecurity blog series)
As government agencies modernize systems and processes to migrate more of their operations to digital interactions, many are also working to strengthen cybersecurity to better protect against security incidents, breaches, data loss or the exposure of personal data.
Government health and human services agencies are well-versed in the stringent regulatory requirements associated with the protection of Personally Identifiable Information (PII), Protected Health Information (PHI), payment card information (PCI) and compliance with state and federal regulatory obligations. As reported in the first post of our four-part cybersecurity blog series, public sector agencies are enhancing resiliency, increasing threat detection and taking other proactive measures.
Undoubtedly, states and localities are increasingly targeted by bad actors. In June, Congress drafted bipartisan legislation to shore up state and local cybersecurity by providing stronger coordination between the Department of Homeland Security (DHS) and state and local governments. The State and Local Government Cybersecurity Act would encourage national cybersecurity watchdogs to share information on threats, vulnerabilities, breaches and other resources to help states prevent and recover from cyberattacks.
Attacks on government systems, such as the OPM breach in mid-2015, the voting system breaches in 2016, and the March 2018 ransomware attack that crippled Atlanta’s network operations for nearly two weeks at an estimated cost of $17 million, have contributed to the growing focus on state and local government cybersecurity.
Meanwhile, the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) is celebrating the fifth anniversary of its primary cybersecurity guidance, NIST Special Publication 800-53, also called the Cybersecurity Framework. The framework has been downloaded more than half a million times since 2014. In April, NIST also published a companion Roadmap to further assist public and private sector organizations as they work to strengthen security protections.
Another bill, aimed at improving the cybersecurity of Internet-connected devices, debuted in March. The Internet of Things (IoT) Cybersecurity Improvement Act of 2019 tapped NIST to draft guidance focused on helping ensure that devices purchased by the U.S. government meet certain minimum security requirements.
In recent months, a growing number of states have hired Chief Information Security Officers to boost protections and mitigate the risk of data loss or abuse. Maryland Governor Larry Hogan signed an executive order in June to bolster the state’s cyber defenses in light of the recent Baltimore ransomware attack. The order created several new cybersecurity departments and positions, including a CISO.
As the focus on cybersecurity intensifies, here are some best-practice tips to consider, drawn from a June Gartner Inc. research report:
Consider creating a simple, practical ‘risk appetite statement’ -- to help reduce the disconnect that arises between security teams and operations teams.
Invest in tools and services -- to enhance security operations and focus on threat detection and response. By 2022, Gartner predicts 50% of all security operations centers will transform into modern SOCs that include integrated incident response, threat intelligence and threat hunting capabilities, up from less than 10% in 2015.
Utilize a data security governance framework -- to help prioritize your cybersecurity investments. The Capability Maturity Model Institute (CMMI) Maturity Model can help assess and implement data governance policies.
Improve cloud security competencies -- as more organizations adopt cloud services, they must also learn to cope with the inherent complexities of cloud cybersecurity. Gartner recommends investing in people and processes, such as SecDevOps, which integrates secure development best practices and methodologies into development and deployment processes to better address risks.
Conduent works closely with government agencies to ensure mission-critical operations are protected against breaches and other attacks. We can help you better protect confidential information today, and as you modernize and migrate agency processes to embrace digital interactions in the months and years ahead.