In our age of digital connectivity, cities and counties across the country must meet the ever-increasing demands of citizens and businesses for efficient and effective digital government. The coronavirus pandemic has only intensified these demands; socially distanced employees and citizens need digital-first services now more than ever, and organizations that lack a robust digital infrastructure are struggling to cope with COVID’s new normal.
But with this ever-accelerating shift to digital and online services, cybersecurity is more important than ever before. Cybersecurity experts reported an 800% surge in cybercrime since the start of the pandemic, with approximately 4,000 cyberattacks occurring each and every day.
No one is safe from this surge in cybercrime. Hackers today have their sights set on everything from personal work accounts to essential government infrastructure. If we’re going to thrive in our more heavily digitized economy and society, then we will need the cybersecurity protections that make all of our digital interactions safe.
The coming 5G revolution only further increases the need for adequate cybersecurity. With speeds potentially 100 times faster than the current generation of wireless technology, 5G can support a wider array of online services, platforms and digital equipment than ever before. For local governments, this means newer, better, faster and more formidable technology tools at their disposal, as well as faster and greater data sharing and remote work capabilities.
But all these benefits will come at the cost of even more significant digital exposure to hackers and cybercriminals.
Cybersecurity isn’t easy; it can often be very costly, and good cybersecurity typically scales more slowly than digital innovation, leaving us at risk as we adopt new technologies. But that doesn’t mean we can’t get cybersecurity done and done right. As we enter the second year of the coronavirus pandemic, I want to highlight three areas of cybersecurity that governments must focus on in their efforts to deliver the best in digital government:
(1) Policy
For years, cybersecurity policy has been the unspoken elephant in the room. Tech insiders and IT experts have known about the rising threat of cybercrime. But business and organizational leaders have all too frequently postponed discussing this threat and formulating the policies necessary for mitigating it; approximately 7 in 10 organizations are ill-prepared for a cyberattack.
The coronavirus pandemic changed all that. The rapid and often haphazard digitization of whole spheres of economic and social activity has forced the conversation about cybersecurity to the forefront. Many businesses with fully remote workforces, for example, must now confront the reality of their data protection and cybersecurity needs for their remote workstations. With so much crucial infrastructure and information exposed to hackers, cybersecurity can no longer be put on the backburner.
The time is ripe for a renewed discussion of cybersecurity policy at every level of every organization and government. Remote employees need to be briefed on the best practices and protocols for keeping data safe online, and governments need tight cybersecurity policies in place to prevent a disaster.
(2) Architecture
Cybersecurity architecture is one of the core components of digital safety. Poorly designed or shoddily implemented digital systems can entail significant cybersecurity vulnerabilities. It’s not necessarily a matter of bad technology; cybersecurity is as much as about how well you’ve built new technologies into your existing systems and communication channels as it is about the quality of the technology itself.
Nowhere is the importance of cybersecurity architecture more evident than in our remote workforces today. Almost overnight, governments across the country had to transition from an in-person, in-office workforce to a remote workforce. All things considered, that transition was pretty successful. But many governments implemented remote work systems that vastly outstripped their existing cybersecurity architecture.
In a perfect world, governments would have had more time to test, probe and refine their remote work systems before having to rely on them. But we don’t live in a perfect world. As we go forward, governments should make sure that their cybersecurity architecture is up to snuff, or else they risk courting cybercriminals and hackers. Good data backups, up-to-date cybersecurity software and secure network connections are all parts of good cybersecurity architecture.
(3) Operations
Finally, good cybersecurity requires clear and effective digital operations. COVID-19 rapidly tore down pre-existing barriers to digital government. Faced with the choice of adapting to digital government or struggling to provide continuity of services during a pandemic, many governments have quickly and effectively changed their daily operations to meet their newfound digital needs.
But emergency changes to daily operations are not enough. Governments will have to codify, systematize and normalize the new digital operations. That means, among other things, tearing down artificial or merely bureaucratic barriers to effective remote work and ensuring legacy communications channels are updated to meet the needs of the moment.
By focusing on the three aspects of policy, architecture and operations, governments can lay the groundwork they need for effective cybersecurity in the post-COVID world. Governments will have to act fast; 5G is coming, and will bring its own hurdles for governments rapidly adapting to keep pace with changing technology. As we move to 5G-enabled government systems, Governments must update their cybersecurity now, or risk a cyber-attack or data breach that will have devastating consequences.
Roger Murphy is director of IT managed services at Avenu Insights & Analytics.