So far, 2019 has been another year of frequent and devastating cyber attacks for the public sector. Despite the abundance of cybersecurity solutions – both offensive and defensive – no organization seems to be able to stem the tide of cyber attacks. And this is particularly true for federal government agencies.
According to the 2019 Verizon Data Breach Investigation Report (DBIR), state-sponsored cyber-espionage is the fastest growing threat facing the public sector. With over ten years of research, recommendations, and insight, the DBIR is an essential resource for cybersecurity professionals as their fight against cyberattacks goes up against well-funded and well-resourced state actors. And while the insight the DBIR provides on attacks is invaluable, Chris Novak, Director of the Verizon Threat Research Advisory Center shared an often overlooked way in which the DBIR can help bolster agency defenses. “The DBIR doesn’t just tell the story of the latest trends in cybersecurity, it also paints a picture of where cyber defenders have struggled over the years,” he shared.
Because they are well-funded and resourced, the nation-state actors that launch these cyber-espionage attacks have a wide range of tools at their disposal. From conducting social phishing expeditions via email to malware attacks, there are multiple ways that these cyber spies can gain access to sensitive government data. Moreover they can use these attacks, even if unsuccessful, to accumulate valuable insight into how agency networks are configured and secured to make the next attack easier.
What these data breach trends mean is that government agencies need to do more than just secure endpoints and install desktop anti-virus. Agencies also need to understand the human element, eliminate backdoors, and come to grips with the constant threat of malware.
While some of this state-directed nefarious activity can be stemmed by technology, to be effective government agencies should go back to cybersecurity’s first principles – People, Process, and Technology. While these three words might seem trite, if you apply them to phishing attacks their wisdom is evident.
In email phishing attacks, people are the threat vector by which the data breach is successful; educate workers and provide regular security awareness training so that they can spot a suspicious email and more breaches may be stopped before they get started. Make sure there’s a straightforward reporting process for suspicious emails so that workers can flag them and they can be quarantined quickly. And, of course, having state of the art email hygiene tools that can triage all incoming mail is essential.
“The data in the DBIR is a great way to cut through the fear, uncertainty, and doubt that sometimes afflicts the cybersecurity profession,” noted Chris. “It draws conclusions from real data and empirical evidence supplied by more than 70 global cybersecurity organizations it provides actionable insight that’s applicable to the situation at hand.
If you’re ready to start preventing breaches, you can access the 2019 Verizon Data Breach Investigation Report for federal government agencies here.