Maintaining the theme of October as Cybersecurity Awareness month, Techwire has been gathering information on how the public and private sectors handle cybersecurity risks and where cybersecurity is going. Here, Marty DeGraff, industry director for government, education and medical at Lexmark, provides some insight into what the private sector thinks the public sector should do. His comments came via an email interview with Techwire.
What are the top three things the public sector should be doing to protect itself that it isn’t?
In terms of security around a fleet of output devices, the first thing that the public sector should be doing to protect itself is ensuring that their devices have been updated with the latest firmware patches. Just as with any mobile phone or PC, output devices need to have the most current update to prevent any new or potential threats. Oftentimes this is an overlooked area for customers or a result of having outdated technology. Customers who are engaged in a Managed Print Services contract should be mandating that the vendor include these updates as part of their normal routine.
Another area that we see is securing output through secure print release solutions. We still see a number of customers who have documents left on printers or copiers that can very easily be picked up by the wrong person, whether by mistake or intentionally. As a result, significant breaches of information can occur. With a secure print release solution, users are required to authenticate at the device before their document is printed, ensuring that only the intended user can receive or print the document.
The third top thing that public-sector governments should be looking at is monitoring the use of hard copy documents within their environment. With over 60 percent of all data breaches occurring from within an organization — the “Insider Threat,” according to IBM X-FORCE CYBER THREAT INDEX, 2016, every potential avenue for data breaches needs to be considered, and paper documents are very much at risk. Most organizations and agencies may know how much they are printing, copying or faxing, but they don’t know the content of those documents. The recent leak by Reality Winner is a prime example. Documents contain valuable information, and the use of these documents should be monitoring to ensure only authorized personnel are using these documents.
Who is most at risk?
It’s an all-encompassing risk. Every level of government deals with citizen information that could be Personally Identifiable Information (PII) and needs to be handled with care. Classified information is throughout the government. Court systems have sealed cases while police departments have ongoing investigations that are private. Schools have become a target for identity thieves who are looking for “fresh” information with no prior history. And health-care departments obviously deal with a tremendous amount of health-related information. Any agency that uses PII on documents is at risk if they are not securing their documents and devices.
What is the biggest cybersecurity problem the public sector faces and why?
There are many well-known risks that come from outside of an organization. However one of the most threatening risks is the “Insider Threat” – an employee or contractor within an organization. These potential “bad actors” are hard to detect and can cause as much damage as an external threat. Not all internal breaches occur from malicious employees, oftentimes, lack of training or inadvertent actions result in breaches as well. For example, an employee may not understand that they shouldn’t be making a copy of a document containing PII and throwing it away in an unsecured garbage receptacle. Schools are also being targeted for PII for theft of new identities with no prior credit history.
What can leaders do to minimize that threat?
To protect the devices themselves, leaders need to ensure that they have a managed print services program that their agency keeps devices and firmware up to date with the most secure features that a hardware provider can offer. Every output device should have a secure print release solution so employees can print with confidence that their documents will not be handled by anyone else. And finally, organizations should consider a monitoring solution, like Lexmark Secure Document Monitor, which watches for any unauthorized use of paper documents within their organization.
What is next in cybersecurity?
The future is more systems that allow for behavior analysis of individuals in organizations. For example, the ability to monitor activity from employees on Web, document usage and mobile, will all be tied together to ID potential threats within the organization. Today we see multiple solutions in any one organization and oftentimes the paper medium is not even considered. Systems will become smarter to tie all activity of an individual together and alert security officials to a potential threat before it occurs from within an organization.
