As citizens adjust their daily lives to reduce the chances of catching or spreading COVID-19, the risks associated with the pandemic are extending beyond a national health and economic crisis. Cyberthreats, including phishing scams, spam, and other attacks against organizations are spiking by as much as 40% as bad actors seek to take advantage of global uncertainty and anxiety, according to new data from CNBC.
Cyber concerns are running particularly high in the public sector. Government agencies, not used to the concept of a remote workforce, are suddenly confronted with the task of reducing the cyber risk associated with hundreds and thousands of potentially insecure home offices. Meanwhile, these already over-taxed resources must continue to ensure the ongoing security of their traditional IT infrastructures.
It’s a new world order that is playing out at both the state and local and federal levels.
Meanwhile, the federal government agencies that citizens depend on for facts and information during this crisis are under attack.
In mid-March, the U.S. Department of Health and Human Services (HHS) suffered a cyberattack designed to undermine the government’s response to the COVID-19 pandemic, reports Bloomberg. The attack, likely by a foreign actor, overloaded HHS servers with millions of hits over several hours, with the goal of slowing agency systems. In an interesting twist, officials also believe that the attack is linked to a series of fake messages spread by text, email, and social media falsely claiming that President Trump would soon order a two-week mandatory quarantine for the nation.
During these dark times, it’s critical that government agencies step up their cyber vigilance. All it takes is a misconfigured piece of software or an insecure home Wi-Fi network for a hacker to gain entry to critical systems, take them offline, breach data, or spread disinformation. It’s a risk agencies can’t afford to take.
Yet no matter how much money agencies spend to protect their systems and data, they are frequently outwitted, outcomes aren’t improving, and opportunistic attacks are on the rise.
With limited resources to protect their environments, it’s critical that focus is placed on the areas that will have the greatest impact on the organization’s overall security posture. Now, more than ever, there are three things that organizations must do:
With these insights, government security teams can gain unprecedented visibility into key risk vectors (such as unpatched systems, insecure access points, or vulnerable vendors), calculate and prioritize that risk, and continuously monitor their assets and the remote workforce so that no vulnerability goes unchecked.
Amid this pandemic, for the first time in many of our lives, the role of government has never been more vital.
Hopefully, we will flatten the curve of COVID-19 infections, but until we do, we must be able to count on the continued “functioning” of vital government information, guidance, and services as we navigate this crisis.
To do this, agencies need to stop playing whack-a-mole and recognize that they can’t keep fixing issues as they arise. Good cybersecurity requires a shift from a reactive defensive strategy to a focused and proactive approach that SPM enables. One that allows security teams to effectively identify the most pressing and urgent threats to their growing networks — inside and out — make confident and informed decisions about where to focus security resources and, ultimately, stay one step ahead of nimble threat actors.
For obvious reasons, the financial services industry has had the unfortunate distinction of being one of the largest high value targets for threat actors. Research shows that financial services businesses experience 300 more cyber attacks...
Not to be forgotten during the chaos that was 2020 were the massive cybersecurity breaches that directly impacted some of the country’s largest businesses and their customers. Let’s take a closer look at four of the big data breaches of...
When it comes to reporting to the board, there are plenty of tools at the CISO’s disposal. Looking at the right metrics and putting them in the right context can help turn your next board meeting into a source of confidence, not stress....
© 2021 BitSight Technologies. All Rights Reserved. | Privacy Policy | Security | For Suppliers
Contact Us | BitSight Technologies | 111 Huntington Ave, Suite 2010, Boston, MA 02199 | +1-617-245-0469