Why cybersecurity is a perfect storm for the public sector


In 1991, a weather system formed off the east coast of the United States with a cold front that created a low-pressure ridge to the east of Nova Scotia. At the same time, a high-pressure system extending out from the Appalachian Mountains forced the ridge first southeast and then to the west, where it encountered the remnants of Hurricane Grace, which it promptly absorbed, swelling in size as it did so. The resulting storm caused over $200 million of damage to the United States and was known as “The Perfect Storm,” later to be immortalized in a book of the same name.

For public sector organizations trying to deliver cybersecurity, a similar pattern is emerging — but perhaps with less visible effects. Disparate elements are combining with rapid intensity and have the potential to unleash a ferocious assault on the world’s cyber defenses.

Consider the landscape

Digital footprint

First, your digital footprint is increasing massively. New applications using new technology are driving data growth. In fact, public sector leaders predict that data volume at their organizations will increase by 59% over the next three years. Digital experience is at the heart of the government's interactions with citizens — everything goes digital. And since the onset of the Covid-19 pandemic, working remotely has become the norm, meaning that there is a greater reliance on digital technology. Added to this mix are all of the new technologies expected to transform the working environment and our lives in general over the coming years: IoT, 5G, machine learning, and generative AI.

This means that there will be more data coming from more sources with greater sophistication and complexity. No one expects the pace of technological change to slow down, or expects to have less data to manage over time.

Cyber crime

Secondly, cyber crime is in its infancy. Threats are becoming more sophisticated and greater in number. Threat actors are proliferating at a great rate, and the barrier to entry is low — one person with a laptop and internet access can cause wide-scale destruction. State-sponsored cyber crime is the latest form of international warfare, and again, this is extremely likely to become more prevalent.

The latest wave of cyber crime activity seems to be focused on ransomware attacks with three high-profile incidents in the UK alone in recent weeks. As technology writer Renee Dudley has pointed out:


“Criminals seeking the path of least resistance have rushed to get in on the extortion economy, and as ransomware matured as a business, gangs began to organise in ways that mirrored legitimate corporations. Many seemed to find safe haven in places such as Russia, North Korea and Iran, but large parts of eastern Europe also became hotbeds for cyber gang operations, and hackers now operate all over the world.”

Security threats and citizen data

Thirdly, given this proliferation of security threats and the need to protect citizen data, governments are likely to increase regulation and compliance requirements. This puts additional pressure on public sector teams to learn and implement these new requirements — it may also have the adverse effect of plugging holes today without thinking about future needs.

Cyber skills gap

Finally, and potentially the most problematic of all: the cyber skills gap. In the UK alone, there is a shortfall of 14,000+ cybersecurity personnel each year. If you don’t have the right skills or cannot retain them (an especially huge issue for the public sector), how can you build a sensible plan to deal with the coming storm?

In summary, the public sector is contending with the concurrent challenges of more data and digital systems, more threats with greater sophistication, increasing regulation, and a lack of the right skills. Even if you had an unlimited budget, this would still be a massive challenge, but hands up anyone who has that, especially in the public sector.

How to survive the cybersecurity storm

Unfortunately, unlike the original Perfect Storm, this isn’t a one-time event that will pass. This threat is only going to get worse. Burying your head in the sand is not a viable option. Throwing some cyber tech at it now in the hope that this will solve the problem is also prone to failure. So, what should you do?

  1. Have a strategy and make sure it is forward-thinking. Take into account the need to evolve with the changing tactics of the threat actors. Make sure you have organization-wide awareness and understanding of the plan.

  2. Use technology that not only utilizes the latest in cyber defensive strategies but also has the flexibility to innovate to meet new challenges. Elastic, for example, recently introduced the AI Assistant to democratize the options open to security analysts, and we continue to bring security innovation to the market.

  3. Start your journey now — cyber criminals are not waiting. There will not be a one-off, simple defensive strategy you can take, so be prepared to think differently. A good place to begin would be with a data risk assessment. Some of Elastic's partners offer this service free of charge. This would give you details on where you need to focus in the short term as well as a template for your longer term plans.

  4. Consider your options — does it make sense to use a Managed Security Service that might help you deal with the skills gap challenge?

  5. The new security paradigm is open security. Closed or “black box” technologies have consistently been exposed by hackers, as no single approach or development team will have all the answers to every possible threat. With open security, you have access to a larger user community that is collaborating to nullify those threats.

  6. Get help from experts. Elastic®, together with our partners, runs workshops, assessments, and training, and is building a program to help address the skills gap in the public sector. Take advantage of these sessions to hear from your peers and industry experts to get your plans in place.

Learn more about cybersecurity for the public sector

To dig in deeper on the cybersecurity landscape for the public sector and what to keep in mind as you build your strategy, take a look at Public Sector Cybersecurity: Protect your IP, data, and citizens.