What local governments can do to build better cybersecurity

Ensuring the funding of proper cybersecurity and other cyber-related projects has long been a challenge in the public sector. There are few incentives to invest in cyber because it’s not easy to boast about to constituents as the threats it protects against are nebulous and often unseen.

However, the recent SolarWinds, Microsoft Exchange and Colonial Pipeline attacks show that this mindset can hurt us. These attacks have been expensive, public reminders that making security an afterthought is impractical—it’s too dangerous, costly and unpredictable.

The recently passed American Rescue Plan recognized the danger of this mindset and earmarked $350 billion in flexible aid to state and local governments, giving them great autonomy to use these funds to best serve their needs.

What my conversations with local governments reveal is that the tide may be turning. These organizations are investing holistically in infrastructure. Their plans for building hospitals and roads, deploying aid to small businesses and other impacted constituents, and rolling out vaccines, have one thing that ties them all together: cybersecurity.

The sauce, not the garnish

In the highly centralized network architecture that many governments have traditionally run, security was often seen as a garnish—something that was nice to have but not integral to completing the dish.

That approach is no longer feasible. Advancements in cloud-based applications and services, the proliferation of IoT and other connected devices, and the onset of the pandemic and remote work elevated the importance of security. Suddenly, hundreds or even thousands of devices were connecting to the network, many from outside the network itself and its centralized suite of security tools, revealing new avenues of vulnerability that bad actors could exploit.

What’s more, the data these devices are working with is increasingly important—and valuable. From cameras collecting traffic data to hospitals electronically recording patient data to the online education systems that protect student data, local governments are collecting, transmitting, storing and analyzing vast amounts of personal information about their constituents.

Bad actors know this. In fact, a recent survey found that 84 percent of government organizations in the United States saw one or more cloud networking attacks in the past year. Increasingly, government organizations are finding that they need to do more than just secure devices, they need to be vigilant wherever the data is. And increasingly, the data is everywhere.

In this new data-centric, borderless environment then, security can no longer be a “garnish” to traditional networking. It needs to be seen as the “sauce,” something that covers everything in fundamental architectures of the network and an integral part of any project. The stakes are simply too high.

The good news is that the litany of recent breaches and high-profile attacks has forward-thinking governments thinking smart. Many of them already understand the central role that cybersecurity now plays and so are making sure to build it into everything they do.

For example, a county health agency opening 15 new clinics knows that it now has 15 potential sites of exposure—plus the infrastructure connecting them to one another, and to the agency headquarters—that need to be secured to ensure the health and privacy of its patients.

Local law enforcement organizations are recognizing that cybersecurity plays a critical role in ensuring that the chain of custody remains unbroken, that evidence to be used in court remains secure—even when an Assistant DA wants to review it at home on their iPad instead of printing out thousands of pages, and that digital evidence such as body camera footage isn’t tampered with.

Even the construction of physical infrastructure now relies on robust cybersecurity. A local department of transportation building a bridge needs to ensure that the ad hoc networks, IoT devices and other digital systems that spring up around construction sites are secure, so that massive engineering and construction teams can coordinate, workers are paid and the bridge is ultimately safe for use.

These government agencies are making networking and cloud investments that make it easier, safer, and more convenient to collect revenue from and disperse payments to the public. And they are increasingly adopting a “defense in depth” approach, that ensures that as the network expands to take advantage of these new opportunities, they can protect everywhere as well.

For the new federal funding to be maximally effective then, it must recognize the prime role that cybersecurity now plays in any project. To get the most bang for their buck, governments across the country should consider maintaining, improving and adapting their systems to give themselves the ability to protect their citizens from the constantly evolving techniques malicious actors use to undermine systems.

This new funding is an opportunity for these agencies to not only improve their cybersecurity but recalibrate their whole approach to one that is data-centric and provides defense in depth across the organization.

They should take it. The costs are immeasurably high, the risks unimaginably great, and the privacy of citizens is far too valuable to do otherwise.

Rufus Coleman is the director of sales and general manager of the newly formed State/Local Government and Education (SLED) business at Infoblox. In this role, he manages all facets of the sales operation, and is responsible for establishing channel, marketing and business development programs. Coleman has worked with technology in the public sector domain for more than 20 years.