Cybersecurity resilience in the Government and public sector in the US

Our world is more connected than ever. For many, this has accelerated knowledge exchange and advanced world economies and living conditions.

However, it has also made our digital presence more complex. Data security and privacy are at stake, and in some industries, like Government and Defense, this presents significant challenges.

How prepared are Federal, state, and local governments to face cyber challenges? According to research by MeriTalk and Splunk that we’ll be quoting often in this article, 79% of state and local government organizations say heightened world tensions have increased their organizations' focus on cyber resilience. Is that enough?

Raised awareness of cybersecurity importance

Last month, top leaders across US government intelligence agencies like the FBI and CIA testified to answer US lawmakers’ questions. Here’s what we learned:

• The US is struggling to counter ransomware: cybercriminals are improving their attacks. There is no unified international response to these threats, and ransomware remains an ongoing risk to US public services and critical infrastructure.
• The use of AI in influence operations is growing: generative AI tools are increasingly being used to create deepfake imagery and videos, creating confusion and discord, and influencing worldwide events like elections.
• US spy agencies can legally buy US citizen data online, including location and internet traffic data, from data brokers without a warrant.

We see increased recognition of threats in cyberspace and focus on resolving these challenges. This is also evident in the issuing of Federal Zero Trust Strategy in 2022. It offers an adaptive, safe architecture to prevent unauthorized access to critical systems and data, a necessary component of improved cybersecurity in the Government industry.

Identifying vulnerabilities

MeriTalk and Splunk research shows that, according to more than 78% of Federal, state, and local government cybersecurity professionals, organizational silos challenge their ability to maintain critical services in the event of a disruption.

Here’s what they identified as most vulnerable to cyber risk exposures:

• Sensitive data 71%
• Personally identifiable information 62%
• Cloud systems 55%
• Critical software 48%
• Critical infrastructure 47%
• Internal control systems 39%

Main cybersecurity challenges to the government

1. Governments are prominent targets of malware and ransomware attacks

Government organizations deal with large amounts of personal data. That also includes politically valuable data that can be used for malicious intent.

Some examples of notable cyber attacks on government agencies include:

• A phishing attack on the Metropolitan Police Department in Washington, DC, resulting in the theft of 250 GB of police data and undisclosed costs
• A ransomware attack on the City of Baltimore resulted in $18.2 million in costs.

2. Workforce development and tech talent

To keep up with the best cybersecurity practices, you need cybersecurity experts that keep up with the latest trends. A rigorous employment process is in place at government agencies, which may prevent highly qualified candidates from working in smaller sectors such as technology.

In addition, some government agencies, excluding military and defense, have a reputation for being technical laggards, which could discourage more technical talent.

In MeriTalk research, 65% of respondents marked workforce development as the weakest component of cyber resilience. A quote noted in the answers includes this one:

We can't keep workers who are skilled and trained.

This presents a major issue, since human action is the one guiding the cybersecurity upkeep.

3. Legacy software

Technological changes are often not quickly adopted by the government agencies. As public budgets are tight, software and hardware updates are rarely included in the budget. That's a significant cybersecurity challenge.

The fact that older, legacy software is more vulnerable to cyberattacks and not user-friendly doesn't just encourage the use of other solutions that are not endorsed by the government; it also tends to cause agency employees to resort to alternative solutions they don't agree with.

For instance, it may be difficult for agency officials to share and exchange information, so they may use WhatsApp. However, the strong security requirements of government agencies do not permit the exchange of important information via WhatsApp.

4. Complying with data privacy regulations

As the world continues to grow digitally, more data is being regulated by law and regulations. IT administrators trying to introduce digital technologies into government bodies are facing additional difficulties because of strict data protection regulations, such as HIPAA or FEDRamp. 

Complying with privacy legislation is difficult in itself because it requires implementing a complex set of data practices. But, in the end, following data privacy regulations will improve overall cybersecurity.

How can the Government further improve cybersecurity? 

Going forward, organizations believe internal collaboration, a strong culture of risk management, improved funding, and dedicated cyber resilience training and awareness will have the greatest impacts on improving cyber resilience.

Here are some specific tactics Government organizations can apply:

1. Air gapping and on-premise deployment

On-premise deployment allows complete data sovereignty, which means total control over your data.  It's good for a number of reasons, but it's all about the fact that you own your data, so that you don't have the possibility of unauthorised access. 

As a further measure of data security, governments frequently use air gapping. This involves total isolation from all other networks of the system in question. Air-gapped systems are thus protected because access to them is extremely hard if you’re an external actor.

2. Secure cross-organizational collaboration

In the public sector, as we've already pointed out, there are multiple organisations working together on a variety of projects. These bodies are public or private, and may be composed of expert groups, individual contributors, a variety of regional, state, national as well as Community organisations such as community members.

In a safe environment, where sensitive data are not exposed, this kind of wide vertical collaboration can take place. For example, people from different organisations using different collaboration tools may be able to work together on joint projects without switching from their primary collaboration tools through software with Matrix federation capabilities.

‍

3. Employee training

Employee training is vital for cybersecurity resilience. As we’ve seen, workforce development is a major issue in the Government sector. Besides training in technical skills, the compliance and data protection measures should be vital part of training.

Furthermore, employees often say organizational silos prevents them from promptly reacting to urgent security vulnerabilities. Investing in educating about the right communication channels and enabling employees to raise critical issues to the top level is essential here.

Air-gapped collaboration for Government

It is hard for any type of organization to ensure the highest level of data protection. However, for government agencies and public sector organisations which deal with extremely sensitive data and have responsibilities to the public, it is even more difficult to protect them. In any case, it can be very expensive not to use the best practices in cybersecurity.

On the other hand, collaboration with partner organisations is increasingly under pressure both internally and externally. Cybersecurity best practices, which also guarantee free collaboration, must be properly implemented in the digital environment.

Here are some of the most important Rocket.Chat features:

• Self-managed deployment 
• E2E encryption
• Active directory/SAML/single sign-on
• 180+ role-based permissions
• Unlimited conversation history
• Citizen engagement capabilities
• Matrix federation capabilities
• ISO27001 compliance
• US GSA Authorization
• VPAT-Section 508 compliance
• Iron Bank certificate
• HIPAA compliance

Learn more about Rocket.Chat’s offer for the government and public sector:

➡️ Rocket.Chat guide for organizations in the US

➡️ Air-gapped collaboration suite for Defense

➡️How Rocket.Chat meets the needs of government agencies across the globe