According to Zscaler’s most recent ‘State of Encrypted Attacks Report’, the public sector experienced a sharp rise in encrypted attacks, with a 185% year-over-year increase globally. Government entities are an attractive target for cybercriminals due to their pivotal role in shaping and safeguarding national interests and personal data of inhabitants. Only the education sector topped government entities with a surge of 276% year-over-year in encrypted attacks. As this sector continues to embrace digital transformation, adopting innovative systems and tools to handle vast amounts of sensitive student data, it faces the prospect of becoming a key target for attackers due to its expanded attack surface.
In order to prevent public sector organizations from becoming easy prey for attackers who are using modern AI technology to drive their malware campaigns, IT security decision makers are well advised to take action and modernize their security infrastructure to better combat these new tactics. However, government bodies, municipalities, educational or healthcare institutions are not known to be among early adopters of new technologies in general. They stick to legacy technology and keep investing into security hardware, as this is their comfort zone. Inertia is unfortunately the enemy of security, as malware actors keep innovating their tools and tactics continuously. In order to break that vicious cycle and shift away from traditional methods and towards new innovative approaches, the public sector needs more disruptors among their IT security decision makers.
Disruptors pave the way to transformation
Disruptors have the innate understanding that in order for things to change or transform they require a different approach. They are willing to change their mindset and look for new ways of working, even against the resistance of the broader team. Starting a transformative process is not an easy task as the disruptor has to be prepared to force their organization to accept this journey of change at the beginning.
First of all, it takes a certain curiosity to explore the benefits of a new technology approach like zero trust. A certain tech nerdiness helps to translate the benefits of a new solution into something that other people are willing to get involved with. When it comes to making a move to the cloud, one of the biggest concerns has always been security. These concerns tend to be even greater among public sector organizations, given the value and nature of the data residing within their systems. Hence a change to a cloud-based security platform is a hard sell internally, even if a zero trust approach – based on the principles of the least privileged access permission – proves to be able to become a game changer.
End users want simplification
The biggest hurdle in any technology transformation is to fight against the human habit of sticking to known processes. Moving away from everything an administrator has ever known makes them feel uncomfortable in the first place. A disruptor has to be able to inspire a vision for the internal tech community in order to support the change. And one important driver for transformation that should not be underestimated in the decision process is the end user itself.
If IT is made simple for the end user and allows them to be more productive and more effective at the same time then they can become an internal advocate for a technology change. Nothing is more helpful than the end user community who stands up and speaks for a technology. They are the greatest case study for innovation and simplification to those involved in either the buying process or the rollout. At the beginning it might feel like having to fight and force the transformational process through the IT teams and business units, until the technology can advocate for itself by demonstrating its value.
Disruptors at the GovTech Summit
At the upcoming GovTech Summit the topic of encouraging a culture of change to combat the ever increasing cyberthreat landscape is only one of the topics at a panel discussion I will attend. We will also be taking a look at the current cyber threats and the attack vectors that are going to increase their impact on public sector organizations and discuss defense strategies. Zscaler enables the public sector to fully embrace the cloud and modernize IT by leveraging zero trust—securely connecting users to applications regardless of device, location, or network.
Being a disruptor might feel like a lonely role, but it is one of the most important jobs that an IT decision maker will take on. In the long run, a cloud-based zero trust approach will make a difference. Our Zero Trust Exchange™ enables the seamless, secure exchange of information, transforming the way the public sector work today and tomorrow. As a former public sector CISO I can only encourage the IT function to stop doing what they have always done and approach security differently. Not only will the end user appreciate the simplification but the security posture will as well.
Join me for the panel discussion at GovTech on Tuesday 24th of September 11:30.am.
[#item_full_content] [[{“value”:”According to Zscaler’s most recent ‘State of Encrypted Attacks Report’, the public sector experienced a sharp rise in encrypted attacks, with a 185% year-over-year increase globally. Government entities are an attractive target for cybercriminals due to their pivotal role in shaping and safeguarding national interests and personal data of inhabitants. Only the education sector topped government entities with a surge of 276% year-over-year in encrypted attacks. As this sector continues to embrace digital transformation, adopting innovative systems and tools to handle vast amounts of sensitive student data, it faces the prospect of becoming a key target for attackers due to its expanded attack surface.
In order to prevent public sector organizations from becoming easy prey for attackers who are using modern AI technology to drive their malware campaigns, IT security decision makers are well advised to take action and modernize their security infrastructure to better combat these new tactics. However, government bodies, municipalities, educational or healthcare institutions are not known to be among early adopters of new technologies in general. They stick to legacy technology and keep investing into security hardware, as this is their comfort zone. Inertia is unfortunately the enemy of security, as malware actors keep innovating their tools and tactics continuously. In order to break that vicious cycle and shift away from traditional methods and towards new innovative approaches, the public sector needs more disruptors among their IT security decision makers.
Disruptors pave the way to transformation
Disruptors have the innate understanding that in order for things to change or transform they require a different approach. They are willing to change their mindset and look for new ways of working, even against the resistance of the broader team. Starting a transformative process is not an easy task as the disruptor has to be prepared to force their organization to accept this journey of change at the beginning.
First of all, it takes a certain curiosity to explore the benefits of a new technology approach like zero trust. A certain tech nerdiness helps to translate the benefits of a new solution into something that other people are willing to get involved with. When it comes to making a move to the cloud, one of the biggest concerns has always been security. These concerns tend to be even greater among public sector organizations, given the value and nature of the data residing within their systems. Hence a change to a cloud-based security platform is a hard sell internally, even if a zero trust approach – based on the principles of the least privileged access permission – proves to be able to become a game changer.
End users want simplification
The biggest hurdle in any technology transformation is to fight against the human habit of sticking to known processes. Moving away from everything an administrator has ever known makes them feel uncomfortable in the first place. A disruptor has to be able to inspire a vision for the internal tech community in order to support the change. And one important driver for transformation that should not be underestimated in the decision process is the end user itself.
If IT is made simple for the end user and allows them to be more productive and more effective at the same time then they can become an internal advocate for a technology change. Nothing is more helpful than the end user community who stands up and speaks for a technology. They are the greatest case study for innovation and simplification to those involved in either the buying process or the rollout. At the beginning it might feel like having to fight and force the transformational process through the IT teams and business units, until the technology can advocate for itself by demonstrating its value.
Disruptors at the GovTech Summit
At the upcoming GovTech Summit the topic of encouraging a culture of change to combat the ever increasing cyberthreat landscape is only one of the topics at a panel discussion I will attend. We will also be taking a look at the current cyber threats and the attack vectors that are going to increase their impact on public sector organizations and discuss defense strategies. Zscaler enables the public sector to fully embrace the cloud and modernize IT by leveraging zero trust—securely connecting users to applications regardless of device, location, or network.
Being a disruptor might feel like a lonely role, but it is one of the most important jobs that an IT decision maker will take on. In the long run, a cloud-based zero trust approach will make a difference. Our Zero Trust Exchange™ enables the seamless, secure exchange of information, transforming the way the public sector work today and tomorrow. As a former public sector CISO I can only encourage the IT function to stop doing what they have always done and approach security differently. Not only will the end user appreciate the simplification but the security posture will as well.
Join me for the panel discussion at GovTech on Tuesday 24th of September 11:30.am.”}]]