7 cyber defense use cases

GettyImages/d3sign

 

Connecting state and local government leaders

Whether facing data loss, ransomware, fraud or privacy threats, agencies can leverage technology and process solutions to help them prevent and respond to attacks.

Cyberthreats come at agencies from many angles, and IT staff must be prepared both to prevent and respond to attacks – whether they target public safety, justice, finance, critical infrastructure or users, panel of cyber experts said.

“Cybersecurity is foundational to all facets of government,” David Robinson, senior director of public-sector solutions at Microsoft said during a Dec. 9 webinar. “Governments around the globe are passing new laws regarding reporting, creating cross-government task forces, allocating resources and seeking out private-sector assistance.”

Research by Microsoft’s Threat Intelligence Center found that more than 50 million password attacks happen globally every day, and other studies show that phishing attacks grew by 667% when the pandemic hit.

George Earl, a public-sector architect at Microsoft, identified seven cyber defense use cases common across the public sector. The first is the classification and protection of organizational data.

“Governments should apply sensitivity labels and data-loss prevention policies,” Earl said. “If a data breach does occur, it’s imperative that data teams know where the most sensitive data is and who has access to it.”

The second use case is protection against ransomware, a hard lesson learned after the Colonial Pipeline attack, and third is the secure management of an ever-expanding network ecosystem, including internet-of-things devices. Fourth is about sharing information and collaborating more securely because many government processes cross agency boundaries in structured and unstructured ways, Earl said. For instance, unemployment benefits checks may require data from the Department of Motor Vehicles, law enforcement, health care and child protective services.

The fifth case is the efficient monitoring of on-premises and cloud-based systems, applications and data. “This requires capabilities such as machine-learning models, predictions, aggregations and flexibility in scale that just aren’t possible with on-premise architectures,” he said.

Sixth, agencies must offer enhanced public services with security built in – something that comes naturally with the adoption of the DevSecOps methodology.

Lastly, agencies are grappling with shadow IT and software-as-a-service app usage. These unknown and unmanaged cloud services, software and hardware are not “necessarily a bad thing in terms of productivity for your organization, but it does potentially introduce security vulnerabilities,” Earl said. “A common example of this scenario would be unsanctioned usage of tools such as Dropbox.”

The first step in addressing each use case is zero trust, which treats each request for network access as a unique risk to be evaluated and verified. At its core is strong identity verification through multifactor authentication (MFA), which prevents 99% of identification-based threats, Earl said. He predicts that zero trust will be the biggest area of investment for cybersecurity as the pandemic threat winds down.

Besides those general cybersecurity needs, sectors have specific ones, too. For instance, the public safety and justice arena is looking to cloud platforms to enable tools for correlation, search and metadata tagging to accelerate their investigations into bad actors and fraud groups.

“That investigative piece of it is extremely complex and complicated for agencies, said Kirk Arthur, senior director of Microsoft’s Worldwide Public Safety and Justice Team and a former Secret Service special agent and leader of the Electronic Cybercrimes Task Force. Right now, the process typically looks like this: a compromise happens, a law enforcement jurisdiction responds and investigators capture and carve through data about the event, most often using manual tools.

“We have to be able to provide the right level of tools and capabilities to our investigators,” Arthur said.

The same is true for the financial sector, including not only treasury departments but tax agencies, economic development agencies and financial regulators, said Valentina Ion, director of public finance at Microsoft. The potential for fraud has become obvious with the issuance of economic stimulus packages to promote recovery from the pandemic-related recession.

The IRS found that about $5.5 billion in improper payments have been made, and cybercrime is estimated to cost more than $10.5 trillion globally by 2025.

Ion recommends keeping logs and automating the monitoring of them as well as implementing secure records management and archiving. “The public finance role is to protect not only the infrastructure of their own services and employees, but also the taxpayers against malware attacks, phishing attacks,” Ion said.

Protecting the privacy of children in the U.S. foster care system is also a key cybersecurity function for government, said Greg McKay, director of Worldwide Public Health and Social Services division at Microsoft and former head of Arizona’s child welfare organization. Vast amounts of sensitive data are associated with the half a million children who live in foster care in America today and data about where they are living, their history and their medical needs requires protection.

Additionally, “nearly 8 million children are reported abused or neglected every year in the United States,” McKay said. “Every one of those children, by law, have a right to their privacy and the right to have their data protected and confidentially stored. Moreover, every source that calls a child abuse hotline in America is also considered protected, or confidential, and that data needs to be safeguarded from any type of release.”

Lastly, cities face a dual challenge: transforming their technology and improving their security at the same time, said Jeremy Goldberg, director of critical infrastructure Microsoft and former interim CIO for the state of New York.

“This requires solutions in both technology and processes; one or the other just won’t be enough,” Goldberg said.

Stephanie Kanowitz is a freelance writer based in northern Virginia.

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.