The accelerated digital transformation that public sector organisations have experienced over the last year has had a profound impact on the ability of these agencies to meet their mandates. Virtually delivering vital services to their constituents and supporting a dispersed workforce faced with work-from-home edicts are but two examples of the gains made in this unprecedented period of history.
Unfortunately, malicious actors also made significant gains. Advanced persistent threats and targeted attacks have reached new levels. These attacks threaten the mission, add risk to services and public safety, and stretch already lean institutional budgets to the brink.
No shortage of wake-up calls
Look no further for real examples of this new reality:
- Approximately four percent of malicious links in relation to the pandemic were found in ASEAN, with an estimated 80,000 phishing attacks within the first three quarters of 2020.
- ASEAN enterprises have made ransomware payments amounting to over US$1 billion.
- Ransomware families such as Maze, REvil, Ragnar and NetWalker are targeting various sectors in ASEAN such as Aerospace in Singapore, IT Services in Malaysia and Manufacturing in Vietnam.
In addition, the oil and energy sectors have been primary targets of cybercrime over the past few years. As these sectors are part of the critical infrastructure of a nation, such attacks not only impede the economy but also affect public confidence in the services provided by these sectors.
A razor-thin margin for error
In light of these constant reminders, IT and cyber operations need to revisit long-standing incident response processes. Organisations can no longer wait for an incident that escalates to a war room to drive collaboration between NetOps, SecOps, and now CloudOps teams.
The sophistication of advanced threats, supply chain attacks, and new attack vectors created by a ballooning attack surface means that every organisation must assume it will be compromised.
Once breached, time is of the essence to prevent catastrophic damage. Waiting on disconnected investigation teams and fragmented tools affords threat actors more opportunity to act without being detected.
There is no better time for truly collaborative NetSecOps.
NetSecOps is defined as the collaboration between the Network, Cybersecurity, and often the Cloud teams to reduce the friction that can delay a response to either a security incident or an application outage—which potentially risks the institutional mission or causes monetary damage.
Collaboration between NetOps and SecOps teams can result in a 37 percent reduction in risk and a 31 percent increase in responsiveness to changes in the business, which is exactly what organisations need in the face of the uncertainties facing them in 2021 and beyond.
On the other hand, when NetOps and SecOps stand alone, security events are met with a slow response, more service downtime occurs, more productivity is lost, and the increase in security breaches and data loss simply leads to a fruitless blame game.
By integrating SecOps and NetOps, CIOs and CISOs can improve the effectiveness and efficiency of their operations and drive significant operational, risk management, and economic benefits for their organisation.