Reducing the impact of cyber attacks on the public sector
ITWeb Events spoke to Dr Peter Tobin about his expertise and experience in the information technology field as supplier, customer and consultant. He also has ten years of experience as an academic, including extensive research supervision and publication. Dr Tobin will present at the Public Sector ICT Forum, at The Four Seasons Hotel, Westcliff, on 14 September.
ITWeb Events: You are presenting at the Public Sector ICT Forum event on common cyber attacks and how one can reduce the impact of such attacks on the public sector - what are the most common attacks experienced in the public sector; and are they vastly different to those that beleaguer the private sector?
Tobin: One only has to look at the WannaCry attacks in May 2017 to see an example of how public sector institutions around the world can be impacted by threat actors. Although some of the widest reported cases in the public sector were in the National Health Service in the UK, closer to home Telkom were honest enough to reveal some of the impact that the WannaCry cyber attack had on their systems.
In some ways the public sector in SA is more at risk than the private sector due to a widely recognised lack of public sector skills. There are currently no reliable figures for the most common attacks in the public sector in SA, but a UK government white paper from the National Cyber Security Centre in 2016 did discuss some of the most common attacks: phishing, watering holing, ransomware, scanning, spear phishing and deploying a botnet.
ITWeb Events: How vulnerable is our public sector? Do you have any examples of 'recent' cyber activity that has threatened the public sector, and what was the outcome?
Tobin: This question could best be answered by the Computer Security Incident Response Team which operates as part of the State Security Agency in South Africa. The CSIRT on its Web site (http://www.ssa.gov.za/CSIRT.aspx) states that: "Our core services are primarily offered to Organs of State, with the aim to create a single point of contact, where the constituency can obtain CSIRT services and receive assistance on cyber security issues", but there is little reporting emanating from CSIRT on what is happening in the public sector in terms of threats and responses.
Maybe the passage through parliament of the much-discussed Cybercrimes and Cybersecurity Bill - CCB for short (where the opportunity for public input closed on 10 August 2017) will help the public sector better manage cyber security as part of their approach to integrated risk management. The CCB raises the issue of critical infrastructure and this is surely a priority area in terms of managing vulnerability.
ITWeb Events: How is cyber security related to integrated risk management as a whole? What factors does the public sector need to be aware of when assessing and managing its risk?
Tobin: The SA government Public Sector Risk Management Framework (PSRMF) was published by National Treasury in 2010 as a formalisation of integrated risk management. Although the PSRMF does not refer directly to cyber security it does provide a useful guide to identifying, assessing and responding to a wide range of risk categories, of which cyber security is clearly but one.
The key factors to be aware of, to be covered in more detail during the Public Sector ICT Forum, include understanding the threat landscape, vulnerabilities, common cyber attacks and reducing exposure to cyber attacks.
ITWeb Events: What counter-mechanisms can the public sector put in place to minimise the number of threats and the consequences of an attack?
Tobin: Key measures include using a series of essential security controls (largely based on technology solutions), ensuring the appropriate processes and policies are in place (including incident management), and addressing the human factors issues through ongoing education and training in cyber security awareness.
ITWeb Events: What are you looking forward to most regarding your presentation and participating in the upcoming Public Sector ICT Forum event?
Tobin: I am looking forward to learning from the other speakers and the delegates about which issues they consider most important now and over the next couple of years. This as ICT in the public sector becomes ever more important as a critical success factor in government's ability to deliver on the promise of a better life for all as outlined in the National Development Plan.
I am also looking forward to sharing some international leading practices from the UK and addressing any questions that arise from my presentation or during the panel discussion.
If you are interested in becoming a member of the Public Sector ICT Forum and would like to be invited to future events and kept up to date with the forum's exploits, visit its Web site: http://www.brainstormmag.co.za/event/psict/?page=membership