In a recent Center for Digital Government (CDG) survey of state and local government IT leaders, more than four out of 10 respondents were not fully confident in their organization’s ability to protect against today’s cybersecurity threats. Network security and endpoint/device security were respondents’ top concerns.
To combat modern threats, organizations are focusing on Zero-Trust strategies, such as controlling access to applications, continuously authenticating users and continuously assessing devices. In the CDG survey, two-thirds of respondents indicated they are incorporating two or more elements of Zero Trust, and 44% indicated they are incorporating three or more elements.
The federal government has made it clear that Zero Trust is the future of cybersecurity. The Office of Management and Budget in January 2022 released a strategy to move federal agencies toward a Zero-Trust framework.2 Aligning with federal standards could make it easier for state and local governments to obtain funds in the future. To ensure their Zero-Trust and other cybersecurity investments can be sustained over the long-term, organizations will need a solid strategy that focuses on business outcomes and simplifies how they use the full range of cybersecurity tools in their arsenal.
A single, unified cybersecurity platform can helporganizations achieve their goals by improving visibility; enabling intelligent automation of detection, prevention and response tasks; and reducing the complexity inherent in implementing, managing and maintaining solutions on different platforms.
Confronting today’s myriad cybersecurity challenges
The following challenges increase the complexity of cybersecurity today.Evolving constituent preferences. Residents increasingly want mobile, digital options for accessing government service. But many of these services rely on legacy systems, which can be difficult to integrate and secure.
Remote work. Now that many employees are working from home, they’re connecting via multiple devices and external networks. Traditional cybersecurity controls such as firewalls and intrusion detection devices are no longer sufficient.
Wide range of cybersecurity concerns. CDG survey respondents said their two most pressing cybersecurity concerns were network security (59%) and endpoint security (50%), with securing remote access (45%), cloud security (44%) and application security (39%) also significant concerns for many.
Multiple a la carte solutions. To protect the increasingly extended enterprise, many organizations have procured security tools ad hoc. These siloed solutions reduce visibility and generate thousands of alerts, making it difficult to extract meaningful insights and respond to the most important issues. Nearly half of CDG survey respondents use separate solutions for each security function (network, endpoint, cloud, application and data center security).
Staff and skillset shortages. Most organizations do not have sufficient bench strength when it comes to cybersecurity. In the CDG survey, two of the top three challenges cited in implementing cybersecurity (lack of skilled staff; not enough staff and funding) were related to staffing.
Reducing complexity to strengthen security
To reduce the complexity of maintaining solutions on multiple platforms, many organizations are turning to a cloud-native integrated cybersecurity solution platform. In the CDG survey, 70% of respondents from organizations using a single, unified platform reported that it improves their cybersecurity.A unified platform improves situational awareness, expedites decision-making and reduces complexity by providing a consolidated view of security tools and data across the entire enterprise. Tight-knit tool integration enables organizations to enforce many security policies automatically. Staff can spend their time on more engaging higher-level tasks that improve employee satisfaction and retention.
An integrated cybersecurity solution platform simplifies the application of a Zero-Trust model, which requires a variety of tools for authenticating users, controlling access to applications, monitoring and assessing devices, and more. To stitch together and maintain these tools, cybersecurity teams often find themselves in the unwanted role of systems integrator. An integrated solution platform handles these tasks, so organizations can shut down threats more quickly and keep staff focused on cybersecurity.
Ransomware is another important use case, where multiple tools are required to fully protect the organization from attack. Similarly, as governments seek to modernize security operations centers (SOCs), they are looking for new ways to increase capabilities specific to threat detection, threat hunting, incident response and more. It’s critical that these security teams have complete visibility into telemetry and metadata across key control points. As with Zero Trust, a unified solution platform tightly coordinates various tools and activities to reduce the risk of a ransomware attack and provide greater visibility into an increasingly complex threat environment.
“Complexity is brittle,” says Michael Makstman, chief information security officer for the city and county of San Francisco.3 “As we think about resilient cities that can withstand not just ransomware attacks but other types of emergencies and business interruptions, and as we rely more and more on technology to deliver our services, complexity in technology becomes the brittleness that keeps me awake at night,” he says.
Makstman continues: “Simplifying and onboarding key vendors onto these platforms is the journey that we are on now — whether that’s pulling all the data into one view on a platform or reducing the number of vendors to have deeper interactions,” he says.
Optimizing and sustaining cybersecurity investments
The following steps help ensure the success of any journey toward an integrated cybersecurity solution platform.Assess cybersecurity maturity and create a roadmap. Conduct a gap analysis to determine where the organization is. Establish benchmarks for the future, and create a roadmap of goals and next steps. Re-evaluate and fine-tune on a regular basis.
Look for true strategic partners. Work with a trusted partner to help plan, implement and manage an integrated cybersecurity solution platform. Trusted partners should be “in it” for the long haul, which creates synergies and opportunities that are not possible in one-off, transactional vendor relationships.
Implement security from the inside out. Adopting a Zero-Trust framework enterprisewide can be daunting. Start by protecting core assets and work outward from there. First, ensure workloads that move across different cloud environments are secure. Then progress to network security, and ultimately perimeter security.
Consider sustainability/recurring costs. Cloud-based services eliminate many of the operating costs associated with managing and maintaining a solution. They also make ongoing costs more predictable. However, organizations will still incur costs related to managing cloud solutions over time. Be sure to incorporate these costs into your budget and your total cost of ownership.
A cloud-native integrated cybersecurity platform helps organizations strengthen security with fewer risks, lower costs and less complexity. Arriving at a mature, fully integrated cybersecurity solution is often a multi-stage process. Working with a strategic partner whose core expertise is cybersecurity will help organizations reach their destination more quickly and easily.
