Key Recommendations for Cyber Resilience in the Public Sector

Imagine needing to schedule a telehealth consultation with a public healthcare institution, only to find out that its website is inaccessible.

That is exactly what happened in Singapore just recently when the country’s public healthcare institutions could not be accessed for hours due to a Distributed Denial-of-Service (DDoS) cyber attack.

Something similar happened in the Philippines just a couple of months earlier when its state health insurer was attacked by ransomware, leaving the agency unable to provide several of its online services, like checking for contributions and member information verification. Worse, it is widely feared that in the hours it was inaccessible, member data may have been compromised or stolen.

Download this e-book for a more nuanced understanding of the state of security today.

These cyber attacks, a couple of months apart but in the same time zone and vicinity, underscore how no organisation is entirely safe from cybercriminals, and how an attack can happen to anyone anywhere and at any time.

They emphasise an urgent necessity for cyber resilience, particularly crucial for public sector entities such as healthcare institutions and government agencies. Cyber resilience, in essence, involves the capacity to anticipate, address, and rebound from cyber attacks or disruptions—similar to the incidents experienced by Singapore’s public healthcare institutions and PhilHealth.

Now, the pivotal question arises: How can government organisations achieve cyber resilience?

These three recommendations can start you off:

1. Use data and analytics to optimise threat detection and response. Data is king, and that is true even in detecting threats and responding to them. That’s because data is the lifeblood of analytics, which is in turn used by security teams to identify cyber risks, enhance threat detection, accelerate threat investigations, and automate remediation.
2. Invest strategically in resilience and ransomware protection. Enhancements require financial commitments, and organisations looking to enhance cyber resilience will need to do the same. In particular, organisations need to invest in solutions that will:

• Increase visibility throughout the entire technology environment.
• Accelerate response and remediation of incidents.
• Speed up the recovery of customer and user services.
• Combine cyber resilience efforts with traditional business continuity/disaster recovery preparation.
• Prevent ransomware attacks or mitigate any just in case.

3. Cloud security is key. While clouds have security features by default, they might not actually be enough given the threat-filled cyber landscape of today. And this is why rigorous cloud workload hardening is a must nowadays—along with being proactive in terms of identifying misconfigured workloads and misaligned cloud practices.

More and more security teams are understanding the criticality of improving resilience, with the end goal of reducing mean time to detect and mean time to recover, since prolonged downtime can, on average, reduce an organisation’s annual revenue by 2.7%, according to a study by Splunk.

And, in the case of organisations in the public sector, the ramifications of extended downtime caused by cyber attacks can be particularly severe, making the distinction between providing timely, effective service and failing to do so. In critical service domains, such as healthcare, extended downtime could lead to serious consequences.

This is why it is even more imperative for public sector organisations to aim for cyber resilience, so they can best serve people in a timely and efficient manner.

For deeper insights into cyber resilience and strategies for achieving it, click HERE.