While cybersecurity breaches of large commercial enterprises and federal government agencies routinely claim the front-page headlines, information technology (IT) managers at all levels of state, county and local government are painfully aware that these high-profile breaches are just the most visible attacks. These government IT managers face equally challenging and potentially damaging security attacks and threats on a daily basis. Network intrusions and resulting breaches cost taxpayers money, undermine the privacy of citizens and erode the faith that government agencies can keep our data secure. With the volume and sophistication of these intrusions at all levels of government rapidly increasing, a strong defense is clearly needed. Cybersecurity is now a global priority.
“The U.S. Defense Department reports the Pentagon faces around 10 million cyber-attacks each day, with some state governments reporting nearly 200,000 cyber-attacks daily. “
But what does a “strong defense” entail? How can federal, state and local governments protect themselves from cyberattacks effectively? Cyberattacks happen when hackers exploit a weakness in network security to access protected information. Most people assume that cybersecurity is about raising firewalls and enhancing encryption – addressing the weaknesses in how networks are put together. Yet the most glaring weakness of the majority of networks is not the architecture of the system, it is the way people access those networks. Traditional passwords are the weakest link in today’s cybersecurity regime. Security threats targeting the end-user are on the rise and defending against them requires focusing on user identity.
Last year was the launch of the U.S. Government’s Cybersecurity Sprint, a strategy to advance cybersecurity and strengthen Federal technology infrastructure. One measure recommended is to “dramatically accelerate implementation of multi-factor authentication, especially for privileged users”. See how one Arkansas county protected $17 million from phishing attacks utilizing multi-factor authentication. Read the article here.