Preventing cloud data leaks: four key actions city and county government organizations can apply to mitigate risk
City and county governments are wary of mounting security risks, particularly for data they store in the cloud. Ransomware, phishing attacks and other cybersecurity threats on local governments are hitting the news regularly—such as the recent DoppelPaymer ransomware and Ryuk malware attacks on Chatham County, Orange County and the City of Durham, all in North Carolina. The fear is real, and the risk is great. This is perhaps why, according to a recent cloud data security report, half of government organizations don’t store any data in the cloud at all. But, as a result, many city and county governments are also missing out on the benefits of the cloud’s cost efficiency, agility and resilience.
Why such an aversion to retaining data in the cloud? The consequences can be significant and the time it takes to discover and resolve them even greater. In particular, government organizations reported that the top security incidents they faced in the cloud were phishing attacks (39 percent), accidental data leakage (24 percent) and targeted attacks on cloud infrastructure (22 percent). Each of these comes with a high risk and cost. In fact, among the outcomes that government organizations suffered as a result of these data breach incidents, the cost of unplanned expenses to fix security gaps was at the top of the list (28 percent). Other painful results included loss of consumer credibility (13 percent) and even changes in senior leadership (11 percent).
More painful was the time government organizations reported it took to detect security incidents in the cloud. As many as 34 percent of government agencies spent weeks to discover data loss. Even worse? Sixty-seven percent of government organizations needed months to recover from an account compromise or data loss event.
The issue? Sixty-five percent of government organizations said that they were understaffed when it comes to IT and security resources; 59 percent reported employee negligence as a top cybersecurity challenge, while 53 percent reported having a lack of budget to address the issue.
However, there are some key actions city and county government organizations can apply to help resolve their cloud security issues, while still taking advantage of the cloud’s benefits including data retention, cost efficiency and scale. Consider these expert recommendations:
- Audit user activity and classify data. The overwhelming majority of respondents that audit user activity and classify their data were able to detect incidents in just minutes or hours. Organizations that did not reported that it could take days, weeks or even months for this detection. Having visibility into what data the organization stores and what is happening around that data not only speeds issue detection but can enable organizations to find and fix security gaps before a breach happens.
- Employ security automation or leverage outsourcing. Lack of staff, financial resources and expertise can be offset by working to automate routine IT tasks. This is even more vital as more IT and security administrators work from home as a result of the pandemic and need more time to address other critical issues. Limited resources can also be tackled by outsourcing critical security tasks to managed security services providers (MSSPs) who can apply security best practices and field proven processes to ensure your data is protected from threat actors and new breaches.
- Evaluate your supply chain. Supply chain compromises are increasingly threatening. Threat actors see this form of cybersecurity attack as a way to impact a broad ecosystem of organizations with a single attack. Be sure to pay close attention to the less-secure elements of your supply network. Mitigate risks through network segmentation and continuous auditing for malicious activity. This can help you avoid the high cost of compliance fines, consumer impact, forced changes in your senior leadership or even lawsuits. Ask all technology partners to prove they take every necessary security measure, including third-party audits, and limit your liability through contracts that make them accountable in the event of a breach.
- Think of the future, not just today. When working to apply adaptive security practices that address your real and present risks, think about the immediate impact as well as the long-term consequences threats and vulnerabilities can pose to your organization. Don’t only think of the immediate unplanned expenses and compliance fines of a potential breach. There are many, more severe outcomes that can affect your organization, including loss of reputation and consumer trust. Assessing your security risks needs to account for all aspects of a potential loss.
Moving workloads and data to the cloud can deliver great benefits. Reduced IT costs, increased scalability and improved business continuity and more are among them. Don’t let the fear of data leaks in the cloud prevent your city or county government organization from realizing them. With careful preparation and a mindful security strategy you can safely store data in the cloud without data leak risk.
Ilia Sotnikov is an accomplished expert in cybersecurity and IT management and serves as vice president of product management at Netwrix, an Irvine, Calif.-based cybersecurity vendor that makes data security easy. Sotnikov has more than 15 years of experience in IT management software market. Prior to joining Netwrix in 2013, he was managing SharePoint solutions at Quest Software (later acquired by Dell).