Page 44 - EngineerIT January 2022
P. 44
INDUSTRY, TECHNOLOGY, PRODUCTS AND INNOVATION
Governments lack urgency to address
“
cybersecurity in the public sector
T he public sector has come under increased threat during the pandemic. Check Point
Research shows a global trend toward increasingly lucrative public sector targets
While the pace of transformation may vary from country to country, the public
sector as a whole is gradually becoming more digitally mature. However, government
departments are often late adopters, and bad actors are taking note. Check Point Software’s
2021 Mid-Year Cyber Attack Trends Report highlights just how prevalent attacks on public
sector organisations have become during the pandemic. Globally, government organisations
are now one of the most popular targets for bad actors, second only to those in the education
and research sectors. Of the 93% increase in global cyberattacks reported by Check Point from
2020-21, many of them are being orchestrated against public-owned entities, but why?
Pankaj Bhula
Public sector is slow to respond to cybersecurity solutions
“In Check Point Software’s experience with public sector organisations in South Africa and Data has value. It can therefore be
the rest of the continent, cybersecurity is top of mind at the senior level and in the relevant extorted or sold for profit. If a group of
information technology departments, but this urgency does not always reflect in the supply bad actors was to steal thousands of
chain on the deployment of cybersecurity solutions. This lack of urgency is compounded by people’s credit card details by hacking into
delays due to lengthy procurement processes, which have been intensified by the Covid-19 a private organisation such as a bank or
pandemic,” says Pankaj Bhula, Regional Director: Africa, Check Point Software Technologies. online retailer, they’d fetch around US$20
As the cybersecurity landscape evolves quickly, by the time the cybersecurity solutions are (R300) plus per record if auctioned off on
signed off on, if at all, the technology is too outdated to manage current threats, leaving the dark web. If, however, the same group
public sector organisations vulnerable. were to attack a public healthcare entity
“In addition, there appears to be a lack of awareness and accountability of the and steal individuals’ medical information,
consequences of an attack on the public sector in the Africa region, which potentially can their potential profit would soar and net
bring any country’s critical infrastructure to a standstill and threaten the safety of its citizens. them more than US$480 (R7 500) per
The public sector is there to serve, and does not have the same potential for reputational record. And that’s not even considering
damage and financial loss as in the profit-driven private sector to motivate for cybersecurity the amount they could extort from the
as a top priority,” adds Bhula. public sector targets themselves. This
In South Africa, there has been some progress on increasing the speed of cybersecurity isn’t helped by the fact that public sector
implementation in the public sector. A transversal tender for cybersecurity only has been put organisations are often comprised of siloed
forward by the country’s government, which can cut down on time on sourcing suppliers and data behemoths, so if a malicious actor is
pricing quotations. President Cyril Ramaphosa also signed the Cyber Crimes Bill into law this able to exploit a gap in their defences, the
year, which brings South Africa’s cybersecurity laws in line with the rest of the world. The “payouts” are often huge.
challenge lies in investigating offences and enforcing this law, particularly in the public sector.
The time to act is now
Public sector now regarded as a high-value target by bad actors With a threat landscape that’s currently
The public sector might serve up easier targets than the private sector due to outdated outpacing many private organisations’
technology, slow uptake on cybersecurity practices and solutions, inadequate education, or a capabilities, governments need to start
combination of these factors but is it lucrative enough to attract cybercriminal organisations? thinking very carefully about their
cybersecurity budgets, how quickly their
security solutions are implemented, and
how they can increase their risk posture in
2022 and beyond.
Check Point Software recently hosted
a webinar entitled: “The State of
Cybersecurity: Public Sector 2021” with
experts from the field of cyber security in
the public sector. To access the webinar
on-demand visit: https://www.brighttalk.
com/webcast/16731/504417
EngineerIT | January 2022 | 42
