In the latest industry breakout of the AT&T Cybersecurity Insights Report, we examine how state and local government and higher education (SLED) organizations have stood up to these trending challenges. Released today, AT&T Cybersecurity Insights Report: Securing the Edge-A Focus on SLED shows that this sector is a leader, of those surveyed, in innovating at the edge and is investing significantly in cybersecurity as it does so. With the stakes high for citizens, students, and the public at large, SLED is moving rapidly to the edge to satisfy new use cases and to optimize its security strategy to realistically balance risk reduction against budgetary realities. The following is a synopsis of our analysis in this new report focused on SLED.
Filling the needs of citizen users
The push for digital transformation across the private sector is similarly influencing public sector entities in the SLED vertical. Technology leaders at these organizations are being pushed to serve citizens as they would consumers, with user experience top-of-mind.
Whether it is in supporting city infrastructure with smart electric capabilities, enabling virtual classes and government services, improving digital services at remote government offices, or building out secure, cutting-edge connectivity on campus, SLED is being asked to move the bar quickly on digital transformation. The pressure to do so has been particularly amplified in the last year as societal changes caused by the COVID-19 pandemic has driven many of these organizations to completely rethink processes and citizen touch points to provide better options for remote, virtual, and contactless interactions.
Edge computing is playing a pivotal role in SLED’s movement toward digital-first operating models.
SLED is a leading sector of edge innovation
A new compute paradigm underpinned by 5G technology, edge computing drives distributed architectures that put applications, workloads, and hosting closer to users and assets that generate or consume data. Analysis for the broader 2022 AT&T Cybersecurity Insight Report looked at edge compute adoption phases across the six markets surveyed, breaking the state of edge use cases into early stage (ideation and researching), mid-stage (planning and proof of concept), and mature stage (partial and full implementation).
In this research, our analysis found that compared to other sectors such as energy, finance healthcare, and retail, SLED was ahead of many of them in edge deployment. The report’s analysis showed that SLED:
- ranked first in mature stage adoption of edge use cases
- ranked third in mid-stage adoption of edge use cases
Sorting through the specific use cases in these categories, the most prevalent edge use case that SLED was farthest along in within that mature stage was to support public safety and enforcement, namely in deploying technology for gunshot detection and surveillance. Some organizations are seeking to further bolster that technology with future pairing of these notifications for first-responders with real-time traffic analysis and control to further speed up their time of response to life-saving situations. Meantime, the most prevalent use case in the mid-stage was the automation of public services, including support for smart meters for utilities such as water, gas, or electricity.
The rollout of these digital services is clearly for the betterment of communities. But adding digital layers to critical infrastructure and processes also adds risk. Which means that appropriate cybersecurity controls to protect SLED’s growing edge compute deployments for everything from mass transit optimization to electronic voting requires careful cybersecurity planning and execution.
SLED operates with slim margin for mistakes
The true value of edge innovation in SLED institutions is only gained when these organizations can ensure the trust of citizens that their use of cutting-edge devices is safe, secure, and financially responsible. The good news is that this sector leads in number of use cases, and the rate at which it is investing in securing them:
- 67% or more SLED survey respondents report they are investing greater than 11% of their overall edge project budget for security
- 76% of state and local governments indicate investments of 11% or more directly tallied to cybersecurity
That’s in contrast to finance, for which just 59% of respondents said they’ve allocated similar percentages of their budgets to security.
Many of the public sector organizations in the SLED contingent struggle with getting the most out of these security investments and the underlying edge project budget. The report showed that survey respondents in this vertical reported the lowest perceived effectiveness for their spend. Often the state and local governments in this group are called to pay closer attention to spending and efficiency. They’re closer to their local constituents than, say, their counterparts at the federal level and have less margin for error—both in fulfilling their security and fiduciary responsibilities. Local elections come quickly and constituents offer vocal scrutiny when government services are disrupted due misspending, bungled deployments, or security breaches.
Many in the SLED sector are answering these questions by combining cybersecurity and network functions in the cloud with technology such as SASE to future-proof their edge security. Approximately 52.4% of SLED respondents said they would move toward this route, compared to 45.7% that would combine them on-premises. This preference for cloud likely has to do with the need that many of these organizations have to be budget conscious, paying attention to their internal ability to affordably manage security as deployments grow more complex. Unsurprisingly, SLED respondents judged the security effectiveness and efficiency highest for those technologies related to this architectural philosophy. For example, Zero Trust network access control was ranked the number one most efficient security control at their disposal.
As SLED organizations grapple with the trends outlined here, we recommend that they talk with service providers and network operators prior to making decisions about edge networking and security. A trusted advisor can help architects discuss the pros and cons of public and private 5G cellular, legacy cellular, remote office/branch office, IaaS/PaaS/SaaS cloud environment, industrial IoT/OT, or consumer IoT environments. Together these organizations can work with a provider to develop realistic scenarios for incremental transitions to 5G and edge computing that maximizes benefits and minimizes risk.
