In an era where digital threats are escalating, the public sector’s cybersecurity posture is more critical than ever, particularly for the public sector. With the proliferation of cyber threats and attacks targeting government entities, understanding and addressing cybersecurity challenges are of paramount importance.
On the 3rd of April 2023, at the Gallagher Convention Centre in Johannesburg, IT News Africa will host the Public Sector Cybersecurity event (#PubliSec2024), where cybersecurity experts and leaders will share valuable insights. This event serves as a gathering point for public sector CIOs, CTOs, CISOs, policymakers, and IT service providers to glean insights from local and international case studies, hear from public sector security experts, and network with best-in-class solution providers.
To shed light on this critical topic, we had the privilege of interviewing Anna Collard, a renowned cybersecurity expert, to gain valuable insights and perspectives.
 
1. Current cybersecurity challenges faced by the public sector:
– What are some of the most pressing cybersecurity challenges that government organizations are currently facing?
A: We’ve conducted multiple surveys over the course of the last 3 years about South Africa’s preparedness to deal with emerging threats as well as existing cyberattacks, particularly around cyber extortion and ransomware. The public sector, as well as construction and education sectors have consistently scored very low in both general cybersecurity culture and cyber resilience when compared to our financial and banking sectors.
This is concerning, as threats to South Africa’s critical infrastructure can have detrimental impact on our economy and our society at large.
The South African Council for Scientific and Industrial Research (CSIR) expects an increase in cyber-attacks on government departments and critical infrastructure, impacting not just private sector organizations but societies and countries’ economies.
This is not a South African phenomenon only, in KnowBe4’s most recent global report on cybercrime (available here) we have seen in a sharp rise in cyber-attacks in the public sector across the globe. Some of these include:
· Cyber-attacks against government agencies and public sector services increased by 40% in the second quarter of 2023 compared to the first
· Government agencies and law practices experienced the largest spike in ransomware attacks at 95% in quarter three of 2023
· Global ransomware attacks were up by 95% in the third quarter of 2023 when compared to the same period in 2022
· Generative AI is increasingly being adopted by cybercriminals to create sophisticated social engineering attacks
– In your opinion, what are the main obstacles preventing government agencies from effectively addressing these cybersecurity challenges?
A: One of the biggest challenges is the lack of priority by governments, a relatively low level of general cyber awareness as well as a lack of IT and cybersecurity skills. 2023 has been a difficult year for Sub-Saharan Africa’s economy, with growth slowing to 3.3 percent from 4 percent in 2022, the region is faced with some of the most daunting challenges in the world, such as limited resources, urgent humanitarian and development needs, energy crises, poverty and high youth unemployment rates. These challenges may explain a lesser focus on perceived non-business critical tasks such as cybersecurity culture.
However, this deprioritisation needs to change urgently if we want to participate in the global digital economy Cyber extortionists are looking for leverage: the more impact or damage they can cause the more pressure can be applied on a victim organization, the more ransom can be demanded and the more success they have in getting this ransom paid out.
The blatant vulnerabilities within South Africa’s public sector organizations, a lack of budget, adequate resources and skills shortage coupled with the fact that disruptions in this sector can have significant impact not just on the economy but to the society at large make this a highly attractive target.
2. Best practices for securing government networks and data:
– How important is it for government organizations to establish robust access controls and authentication mechanisms?
– Can you discuss the role of encryption in safeguarding government communications and data transmissions?
A: When we look at the modus operandi of RaaS groups or cyberextortions, they don’t target specific companies specifically, but they work according to lists of compromised accounts / access credentials they get from the access brokers and then figure out if it’s worth their while making use of that access to extort them. Because of the lack of stringent controls in place compared to let’s say banking or financial services, access to Public Services environments is more readily available to cyber criminals.
And obviously the impact of a potential outage to a critical public service is significant. And in the extortion business anything that provides leverage, meaning anything that allows criminals to put more pressure on the victim is attractive.
This is why public sector, manufacturing or any industry that will severely be impacted by an outage is attractive to the criminals because it provides more leverage. Hence protecting access to this environment, protecting credentials and enforcing strong access control is paramount in protecting this sector.
Encryption is obviously very important too, both from a protection of sensitive data at rest or in transit. Public sector organizations are custodians of citizen’s personal information and should adequately protect this information.
Both access control and encryption are just two components of a much larger cyber security puzzle though and can’t solve the problem by itself.
3. Strategies for mitigating cyber threats and vulnerabilities:

– What proactive measures can government organizations take to identify and mitigate potential cyber threats and vulnerabilities?
A: Security is an ever-moving target and cannot be achieved by purchasing a silver bullet technology solution. The concept of defense in depth, or security layers is still one of the most prudent ways to ensure adequate maturity.
This includes many layers of both technical, procedural and human defenses, such as regular monitoring, vulnerability and patch management, basic security hygiene, implementing an information security management system (ISMS) as well as cybersecurity training for employees compliment these strategies to further optimize government information security posture.
There is a critical need to strengthen the human aspect of cybersecurity within organizations through comprehensive security awareness training. As the sophistication of attacks designed to exploit the human factor increases, the continuous reinforcement of a strong security culture is an indispensable tool for enduring digital defense and operational continuity.
4. The role of emerging technologies in enhancing public sector cybersecurity:

– How are emerging technologies such as artificial intelligence, machine learning, and blockchain being leveraged to enhance cybersecurity in the public sector?
A: Using AI, ML and automation wherever possible to augment the current security workforce is highly recommended, especially in areas where skills are scarce and where teams have to deal with information overload, such as event & incident monitoring, threat analysis etc.
– What challenges or barriers exist in adopting and integrating these emerging technologies into existing government cybersecurity frameworks?
A: The challenge goes back to the skills shortage and capacity. The best automation tool will fail if not implemented properly.
– In your opinion, what emerging technologies show the most promise for improving public sector cybersecurity in the future?
A: AI in security event and incident management, analysis, detection, zero trust environment and behavior monitoring.
5. Recommendations for improving cybersecurity resilience in government organizations:
– What steps can government agencies take to foster a culture of cybersecurity awareness and accountability among employees?
A: Prioritize cybersecurity. Assign budget and resources to this. Involve leadership and show buy-in and commitment.
– How important is it for government organizations to collaborate with industry partners and other stakeholders to enhance cybersecurity resilience?
A: Absolutely crucial. The public sector right now is not able to stem the problem by itself due to challenges outlined above.
These challenges need to be addressed by a combination of regulation, technology, guidelines and awareness and public-private partnerships. Special attention should be given to threats posed to society through malicious use of new technologies, such as deepfakes, especially when used for political manipulation.
Involve the government to drive public education campaigns. More public private partnerships are required to assist our public sector organizations to build capacity, address the skill shortage and become more resilient in this ever-growing digital world.
Anna Collard underscores the evolving nature of cyber threats and stressed the necessity for proactive measures to safeguard government systems and data. She emphasizes the importance of adopting a holistic approach that encompasses robust security protocols, employee training, and ongoing risk assessment.
Don’t miss this opportunity to join the PublicSec 2024 event and connect with the public sector cybersecurity community.
To learn more, please visit the event website IT News Africa.