Public sector technology - 2019 cybersecurity trends

(Image credit: Image Credit: Pavel Ignatov / Shutterstock)

As part of his plan to improve the U.K.’s defences, including cybersecurity, last year Phillip Hammond pledged an additional £1bn to the cause during his most recent Budget announcement. Given previous cyberattacks, such as WannaCry on the NHS, this investment is well needed. But what will this money be spent on in 2019, and will we see tangible results emerge? The following points highlight what to expect regarding cybersecurity in public sector technology in the coming year.

1.       Skills are the solution

Yes, the public sector now has a considerably bigger pot of money to spend on cybersecurity, which is particularly important given the growing number of cyberattacks they are experiencing every day. But do they have the human resources to match?

The short answer is no. Irrespective of the amount of funding public sector IT teams have to spend on their cyber defences, this will not help with the root of the problem: there are not enough highly skilled workers to actually install, maintain and monitor the necessary defences. While there has been an active push by the government to recruit more and more graduates into their cybersecurity teams, the effects of this won’t be felt for at least a couple of years, as these young recruits need to build up their knowledge and experience. Although they have the required qualifications for the role, they do not necessarily have the business skills needed when on the job, meaning they probably won’t react fast enough, or successfully prioritise risk.

Due to this situation, over the next twelve months there is likely to be a much more concerted effort from organisations within the public sector to upskill their existing staff. Furthermore, in order to cope with the real lack of human resources, current IT teams will heavily rely on automation to help them prioritise and focus their activity.

2.       Technology platforms are consolidated

In the past, the government has prioritised individual cybersecurity vendors as the best way to manage their cybersecurity requirements. As a result, these organisations have seen a great deal of investment. This also means that these vendors and their newly installed technology are overwhelming existing — and limited — resources with the vast amount of security data that they yield. Next year, the government will wake up to the fact that they desperately need tools that provide the ability to link together these lone data outputs. This will provide their IT departments with a means of viewing their infrastructure in a far more simple way, as well as a better way to understand the risk associated with individual threats and where their resources need to be prioritised.

3.       Press pause on projects

Simultaneously, this influx of money for central government departments to improve their existing cybersecurity management systems will mean a whole new range of tools will be purchased to aid the fight against cybercrime. However, this initial increase will gradually drop off towards the end of 2019 and into 2020 and less technology will be purchased. This will happen, as a number of new projects will be forced to hit the pause button, as departments up and down the country realise that the skills required to fulfil these projects is unavailable, and the resources needed to deploy the latest technology is simply unobtainable.

4.       Purchasing of security tools is centralised by the NHS

A great deal of NHS-Digital’s 2019 budget is being poured in to enterprise license purchases to standardise web filtering gateways, firewalls and vulnerability management software. This was first seen when the organisation struck up an agreement with Microsoft for their Advanced Protection Tool. However, there is a danger that by doing so, existing vendors will become frustrated because their revenues will take a significant hit as regional contracts with the NHS, as well as those with NHS-Digital, will be less valuable. It is expected that NHS-Digital is going to relocate regional NHS organisations from their current infrastructure and, as a result, existing suppliers will have to battle it out amongst each other in order to secure their chunk of NHS funding for the future. NHS-Digital’s new strategy could actually backfire, as it will inevitably result in bypassing what their original goal was: to establish an overarching and thorough understanding the NHS’s assets across the country, and its activity across the internet.

5.       A mobile working environment driven by Brexit

Understandably, in order to cope with all the changes and additional requirements that will be necessitated by Brexit, the number of U.K. central government employees will need to grow at an equally fast pace. As part of leaving the E.U. the government will also need their systems to scale so that civil servants are able to access resources quickly and securely. In order to do so, as many applications as possible will need to be moved across into a cloud environment, so that employees who need to access networks when working from home, or out of the office, can do so quickly and easily. The main concern associated with workers externally logging into a system is the issue of identity access management. It will take a considerable effort from the government to install a brand new authentication solution. Anything they do implement will need to remove those users who no longer work in the public sector, yet whose information stills exists on the IT systems.

6.        Threat from nation states intensifies

Previous cyberattacks on our government and public sector departments have shown that their IT systems are extremely fragile, vulnerable and easily exploited. Therefore, it is highly likely that foreign threat actors will take advantage of these weaknesses and will try to compromise the U.K. government’s IT networks. This might not be a wide-scale cyberattack, but one that is subtler. Instead of bringing the entire government’s IT network down, threat actors could be far smarter, for example, by stealing highly sensitive data that provides them with information about the intelligence of system operability as well as interrupting the services that the government provides, and its own internal operations.

Peter Batchelor, Public Sector Technology Specialist and Director, Skybox Security
Image Credit: Pavel Ignatov / Shutterstock