A recent article in USA Today uncovers a stark reality: as state and local government agencies extend their online payment capabilities, basic security protections have not kept pace with the growth in data exchange or with the vulnerabilities that accompany that growth.
The article outlines a well-publicized breach at the South Carolina Department of Revenue's data system, which subsequently exposed 3.6 million Social Security numbers, along with 387,000 stolen credit card numbers. With Social Security and credit card numbers valued at roughly $3 apiece on the black market, the breach could have potentially netted the hackers a whopping $12 million on a good day.
In the case of South Carolina, officials noted that even three months after the breach, they "do not know the exact state of cybersecurity at all agencies." The breach was noted as "a good example of how fragmented our state data-security system is," according to House Majority Leader Bruce Bannister, from Greenville, SC.
This is the case with many of the organizations that SecureWorks confronts. Often, a culture of chasing the "latest and greatest" technology comes at the expense of the basics when it comes to developing a security program and uncovering network vulnerabilities. But despite the introduction of new and varied threats with each passing month, government organizations can cost-effectively manage security with a layered approach that includes conducting security risk assessments, managing mobile devices, applying encryption and endpoint security controls, implementing data center and network security controls, and implementing continuous endpoint monitoring.
A critical first step toward this goal is gaining situational awareness: visibility into where data resides and into the real risks the organization faces. Developing an effective and efficient defense against attacks, from both insiders and outsiders, also requires that the organization know where its device endpoints are.
Although the solutions are out there, much of the necessary strengthening of security posture should come in the form of comprehensive changes, which also include cyber-security awareness training and an entity to enforce security policies. In many cases, a top-down approach is the only way to effect change.