29 April, 2015

Public Data at Risk: Cyber Threat to the Networked Government

Executive Summary
Being a networked government can offer tremendous opportunity for governments globally to connect with their citizens, productively collect and use information, as well as streamline and enhance the efficiency of internal work streams and processes. However, this can open up the Government to severe threats to national security, infrastructure, data, and international diplomacy. Addressing and mitigating these threats are essential to constructing a robust and resilient cyber security strategy.
In most cases, it is the government Chief Technology/Information Officer (CTO/CIO)’s responsibility to understand and manage the issues. However, a more holistic approach towards cyber security must be undertaken if a country is to be cyber ready – from the setting up of technical computer emergency response teams (CERTs), to educating both civil servants and the public at large, to protecting the procurement and purchasing process, which is often a gateway for malware and viruses to enter a system through unhygienic procurement practices.
This paper aims to provide a non-technical explanatory framework by which public officers other than the technically-trained officers can understand and discuss the issues together. These should include (but not be limited to) public officials from the communications, procurement, finance departments etc. This paper should also be used as a tool by the CTO/CIO to garner more broad-based support across the various government agencies for a whole-of-government approach to cyber security.
This report begins by reviewing the high government dependence on IT, the key information stored and managed by governments, and where government IT spend goes to. It then outlines the types of cyber threats governments are facing today, and concludes with a roadmap to creating a cyber security policy, offering a practical checklist by which governments can assess their institutional cyber security robustness. These chapters are outlined in brief below.
Chapter 1: Government IT Systems and infrastructure

Development of e-government infrastructure and online services has had a significant positive impact on interaction and engagement with citizens through e-governance infrastructure. The USA, South Korea and Singapore are regularly being ranked as leaders in this field.
The provision of public utilities and national defence services has also increasingly also been networked and channelled through IT systems.
While tremendously useful, if not managed properly, this could expose governments and citizens to severe breaches of privacy, data theft and compromise in the provision of key public services.

Chapter 2: Types of information stored by governments

Large amounts of public and private data are now stored and made accessible through government IT systems. This includes public information and documents that are now accessible online, sensitive data such as national ID numbers or tax information, internal government communications such as email and classified security information.
Different levels of security and protection are required for the different levels of data and it is essential that governments take the right steps to ensure the integrity of the types of information that are stored and accessed on their systems.
Major cyber attacks in recent years have targeted information and data stored by governments that have compromised citizen security and resulted in enormous cost to and loss of confidence in government.

Chapter 3: Public Sector IT Spending

North America, Western Europe and Australia lead in committing money and resources to cyber security efforts. Several Gulf and Asian countries have stepped up commitment in recent years following attacks.
Public Sector spending on cyber security is generally focused on rapid detection and response to a threat, remedial work necessitated by data breaches, and ongoing maintenance of websites and online services.

Chapter 4: Types of Cyber Security Threats to Government

The types of cyber security threats posed to governments are numerous with as many levels of severity of impact. Common attacks include: cyber terrorism and threats to critical infrastructure, theft of confidential or sovereign data, denial of service attacks on e-government infrastructure, cyber espionage and advanced persistent threats.
Counterfeit software, lack of maintenance and lax procurement supply chains pose a significant security risk by providing doorways to malware entering and abusing government networks and systems.

Chapter 5: A Roadmap to Constructing a Resilient Cyber Security Strategy

A resilient cyber security strategy must be holistic and address different stages of an attack, including prevention, response and mitigation.
An effective roadmap towards constructing a resilient strategy should include steps taken to:
- Raise awareness and the level of understanding among the general population, by educating business owners, students and government agencies on the threats that exist as well as how to protect their networks from attack.
- Ensure Readiness through the creation of Computer Response Emergency Teams (CERTs) that coordinate capabilities and share knowledge.
- Prevention of attacks through building and maintaining a safe and secure network infrastructure and supply chain through good maintenance and procurement practices.
- Responding effectively to attack through empowering legislators, regulators and policy makers with good regulation and using cyber hygiene tools that can fight attack.
- Mitigate damage by rebuilding trust with citizens and other stakeholders through effective communication, established review processes and building partnerships with industry, other governments and international organisations.

[download full report here]

Media Cover: