
Tenable Blog


How Public Sector Organizations Can Overcome Today’s Cyber Risks

Dr. Larry Ponemon and Tenable’s Stephen Smith discuss the cybersecurity challenges revealed in a recent study of cybersecurity in the public sector, and provide three tips for closing the Cyber Exposure gap. 

It’s not easy to be a cybersecurity professional in the public sector these days.

While government agencies each face many of the same daily security risks as their private sector counterparts, public sector organizations have a unique set of challenges when it comes to cybersecurity. Among the issues facing public sector organizations are:

  • Lack of visibility into the entire attack surface
  • Limited technical resources and support
  • Heavy reliance on manual processes to close the Cyber Exposure gap

Stephen Smith, Tenable’s Manager of State and Local Business Development, discussed these and other public sector cybersecurity challenges in a recent Tenable webinar featuring Dr. Larry Ponemon, Chairman and Founder of Ponemon Institute. 

During the webinar, the pair explored the findings outlined in the report, “Cybersecurity in Public Sector.” Commissioned by Tenable, the report was developed by Ponemon Institute, based on survey responses from 244 public sector infosec professionals from the United States, United Kingdom, Germany, Australia, Mexico and Japan. It highlights five key takeaways for public sector CISOs and their cybersecurity teams:

  1. Cyberattacks in the public sector are relentless. 
  2. Preventing attacks against IoT and operational technology (OT) infrastructure is a top priority for 2019.
  3. Public sector cybersecurity teams face fundamental challenges managing cyber risk.
  4. To help mitigate cyberattacks, new approaches for measuring cyber risks are needed.
  5. Smarter prioritization of vulnerabilities is key to staying ahead of cyberattackers.

Cybersecurity Priorities in the Public Sector

Smith and Ponemon delved into the details on each of these five critical points and discussed what they reveal about the current state of cybersecurity in the public sector.

Cyberattacks in the public sector are relentless

The vast majority of organizations surveyed for the Ponemon report (88 percent) said they have sustained at least one damaging cyberattack over the last two years. In fact, 62 percent of respondents reported their agencies have sustained two or more damaging cyberattacks in the last 24 months. Many of the incidents have caused data breaches resulting in disruption and downtime, including the loss of day-to-day operations and equipment malfunctions.

Preventing attacks against IoT and OT infrastructure is a top priority for 2019

Nearly two thirds of respondents (65 percent) said they are most concerned about the possibility of attacks involving IoT or OT assets this year. As in the private sector, public sector cybersecurity professionals are now taking more responsibility for OT security as well as IT security, which means they are responsible for an ever-expanding attack surface. 

Another 61 percent of respondents said they are worried about the downtime to plants or equipment that would result from an attack against OT infrastructure.

A third of respondents (33 percent) are also concerned about the possibility of an employee falling for a phishing email. This concern is understandable, given that 56 respondents reported at least one such incident resulting in credential theft during the previous two years.

Despite the fact that phishing remains a top concern, Smith said public sector CISOs have made great strides in actually reducing the number of phishing attacks within their organizations. “We get a chance to...talk to a lot of public sector organizations and we participate in several councils, including one with the National Governors Association, and this topic was a significant topic in all of those conversations last year,” said Smith. “Now, what you are starting to see is organizations actually taking pride in the degree to which they have reduced successful phishing attacks in their organizations.”

Public sector cybersecurity teams face fundamental challenges managing cyber risk

Only 23 percent of survey respondents report having sufficient visibility into their organization’s attack surface. This should come as no surprise, since 62 percent of respondents also say they lack adequate staffing to scan for vulnerabilities in a timely manner. 

New approaches for measuring and mitigating cyber risks are needed

The Ponemon data make clear that traditional key performance indicators (KPIs) are not adequate to provide an accurate picture of the cyber risks facing public sector organizations today. In fact, only 40 percent of respondents said they even attempt to quantify the impact that common cybersecurity incidents could have on their organizations.

And even if they could improve their ability to measure business impact, there’s little consensus on what, exactly, they would choose to measure. Of those respondents who are currently attempting to quantify business impact, 50 percent attempt to quantify the cost of OT-system downtime. The frequency of unpatched — but known — vulnerabilities is tracked by 46 percent of these respondents. 

Smarter prioritization of vulnerabilities is key to staying ahead of cyberattackers

Nearly a third (63 percent) of respondents report wanting to improve their ability to keep up with the sophistication and stealth of attackers. However, 44 percent say they currently prioritize threats based on the ease of remediation. A better way for CISOs to prioritize, according to the data, is to take a harder look at those threats that pose the greatest risk. Not all vulnerabilities need to be patched right away if they don’t present an immediate threat to the network.

Closing the Cyber Exposure gap to strengthen public sector cybersecurity

What Smith suggested, and what the Ponemon research supports, is a holistic approach to public sector security so that CISOs and their organizations can prioritize their needs at a time when adding more people and more resources is not possible.

Smith and Ponemon offered three tips public sector cybersecurity professionals can use to help close their Cyber Exposure gaps: 

  1. Look for ways to improve your vulnerability prioritization. Tenable researchers reported over 16,500 vulnerabilities were disclosed in 2018, most of which were high or critical severity. Yet only a small fraction of those vulnerabilities are being actively exploited. By using new technology and techniques, e.g., data science and machine learning, public sector cybersecurity pros can more effectively prioritize vulnerability remediation to focus on those vulns posing the greatest risk of exploitation.
  2. Make use of passive monitoring, especially for OT assets. While most organizations and their security teams would like to actively scan their entire environment, when it comes to OT, they’re deterred from doing so because active scanning can cause service interruptions by knocking business-critical systems offline. Instead, Smith recommended passive monitoring, which provides much-needed visibility into OT environments without disrupting sensitive systems.
  3. Implement continuous asset discovery and vulnerability assessment. Adding or removing computing assets can change overall security posture. Since remediation must often occur during small windows of downtime, the most complete and current data regarding vulnerabilities and their predicted risks is critical, which is why Tenable recommends making continuous monitoring a top priority.
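The contrast between prioritizing by ease of remediation and prioritizing by risk (tip 1 above, and the 44 percent figure earlier) is easier to see in code. The following is an added example, not Tenable's scoring model and not data from the Ponemon report: the weights, the `Finding` fields and the `VULN-*` identifiers are all constructed for illustration. It ranks the same four findings both ways and shows that the easiest fix is not the most urgent one.

```python
"""Risk-based vulnerability prioritization (added illustration).

Ranks findings by the risk they pose (severity, evidence of active
exploitation, asset criticality, exposure) instead of by how easy they
are to remediate. Weights and sample data are constructed assumptions.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    vuln_id: str             # placeholder identifier, constructed for the example
    cvss: float              # base severity, 0.0 to 10.0
    exploited: bool          # evidence of active exploitation in the wild
    asset_criticality: int   # 1 (low) to 5 (business-critical, e.g. an OT controller)
    internet_exposed: bool   # reachable from outside the network perimeter
    remediation_effort: int  # 1 (trivial) to 5 (needs a downtime window)


def risk_score(f: Finding) -> float:
    """Higher means 'fix first'.

    Severity is the base; exploitation evidence and exposure multiply it,
    and asset criticality scales the result. The multipliers are assumptions
    chosen for this example, not a published formula.
    """
    score = f.cvss
    if f.exploited:
        score *= 2.0   # a known-exploited flaw outranks an equally severe theoretical one
    if f.internet_exposed:
        score *= 1.5
    score *= 1.0 + (f.asset_criticality - 1) * 0.25   # 1.0x for criticality 1 .. 2.0x for 5
    return round(score, 2)


def by_risk(findings):
    """Risk-based ordering: greatest risk of exploitation first."""
    return sorted(findings, key=risk_score, reverse=True)


def by_ease(findings):
    """The ordering the survey says 44 percent use: easiest remediation first,
    with severity only as a tie-breaker."""
    return sorted(findings, key=lambda f: (f.remediation_effort, -f.cvss))


def ordering(findings, ranker) -> list:
    """Return just the identifiers in the order the ranker produces."""
    return [f.vuln_id for f in ranker(findings)]


# Constructed sample findings; not real vulnerabilities.
SAMPLE = [
    Finding("VULN-A", cvss=9.8, exploited=False, asset_criticality=2,
            internet_exposed=False, remediation_effort=1),  # critical but unexploited, easy fix
    Finding("VULN-B", cvss=7.5, exploited=True, asset_criticality=5,
            internet_exposed=True, remediation_effort=5),   # exploited, exposed OT asset, hard fix
    Finding("VULN-C", cvss=5.3, exploited=True, asset_criticality=3,
            internet_exposed=True, remediation_effort=2),   # medium severity but exploited
    Finding("VULN-D", cvss=9.1, exploited=False, asset_criticality=1,
            internet_exposed=False, remediation_effort=3),  # high severity, low-value asset
]

if __name__ == "__main__":
    print("by ease :", ordering(SAMPLE, by_ease))   # VULN-A first: trivial to fix
    print("by risk :", ordering(SAMPLE, by_risk))   # VULN-B first: exploited, exposed, critical
    for f in by_risk(SAMPLE):
        print(f"{f.vuln_id}: risk={risk_score(f):6.2f} effort={f.remediation_effort}")
```

Under the ease-first ordering VULN-A (easy to patch) leads and the exploited, internet-exposed OT finding VULN-B comes last because it needs a downtime window; under the risk ordering VULN-B moves to the top and the high-severity but unexploited VULN-D drops to the bottom, which is the point made above that not every vulnerability needs patching right away if it poses no immediate threat.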
