Aug 24, 2021

The strategic challenges facing the public sector.

As with many private sector companies, the public sector has also been forced down the road towards digital transformation as a result of the COVID-19 pandemic. From hospitals to schools and city halls, all public institutions have digitalised their services and now have networked objects or more powerful servers. Initially, this was done in order to provide more efficient and smarter administration, but was later used to ensure compliance with hygiene regulations, but these were services, the security of which was often left to fall by the wayside.

Public institutions are increasingly networked and offer users predominantly digital services (online tax payments, online application for an ID card, etc.). However, at the same time, hackers and cybercriminals are given extensive opportunities to attack as the public sector is a very attractive target for a number of reasons.

 

Reasons for concern

The vast majority of public institutions processes the data of millions of French citizens every single day—patient files, bank details, addresses, identities, property.... Every day, IT technologies are increasingly making their presence felt in the collection and processing of citizens’ data. In tax authorities and social service alone, data that could compromise citizens if stolen are bundled together. For example, medical data can fetch anywhere between 50 and 250 dollars on the black market. Bank details, on the other hand, can be worth 50 dollars.

Another risk is that political institutions can fall victim to politically motivated, domestic or foreign computer hacks. In December 2018, hacktivists were suspected of launching DDoS attacks (shutting down a website due to the amount of traffic) against several institutions, including the URSSAF and Ministry of Justice. This kind of attacks doesn’t only result in financial losses, but can also severely impair the services provided.

These dangers posed to the public sector are made greater by the vulnerability of the organisations’ IT as these institutions rarely update their hardware. Budgets and state provisions must be complied with, which can lead to a much longer decision-making process, explaining why many terminal devices are practically obsolete and their cyber defences far from up-to-date.

 

Recommendations for efficient security

Efficient and comprehensive cybersecurity is a must in both the private and public sectors.

This involves having in place a foundation of basic security solutions such as firewalls and anti-virus protection. However, as public institutions are increasingly making use of in-house and external communication (e-mails...), they absolutely need e-mail security software so that messages infected with viruses can be detected before they reach the recipient.

Managing data is a huge challenge for the public sector and specific steps have to be taken to ensure protection. Solutions for encrypting data, shared information and e-mails are perfect solutions for these kinds of institutions.

Any questions? Our security expert is happy to help.

 


Dimitri Klein

Solution Consultant Security

Phone: +33 (0)3 90 40 45 48

dimitri.klein@bechtle.com

Share article

Published on Aug 24, 2021.