Cybersecurity in government

Government and public sector organizations are under constant threat from a broad range of adversaries seeking to disrupt critical state infrastructure and operations as well as compromise confidential information, intelligence, and national secrets.

In the search for high-value targets, cybercriminals will seek out organizations whose poor security controls make them a weak link in the chain. To defend themselves against a growing range of threats, governmental organizations, including state departments, agencies and councils, face a range of cybersecurity challenges including:

  • Stemming attacks seeking to disrupt public infrastructure and services

  • Protecting mission-critical intelligence from malicious actors

  • Defending against targeted attacks funded by nation-states

  • Managing continuous and widespread workplace digitization

  • Balancing limited funding and competing national and regional priorities

Key security questions for public sector organizations

Key security questions government organizations should be asking:

  • How often are critical systems tested for vulnerabilities?

  • How regularly are systems backed up to mitigate ransomware?

  • Are lines of accountability and remits clear—both for policy and for crisis response?

  • Is it clear how government priorities are decided and communicated?

  • Is there a coherent, cross-government strategy? Is it reviewed and refreshed regularly?

  • What performance metrics does the government have for the strategy? How are they monitored?

  • What information does the government publish about progress on cybersecurity?

  • Do the responsible parts of government come together regularly to agree on plans and review progress?

  • To what extent do data protection and privacy regulations reflect the challenges of the digital age?

  • How coherent is the approach to cyber regulation across different sectors of the economy and the wider information and communications technology supply chain? What advice does the government provide?

  • Does the criminal law adequately address offenses committed online?

  • How closely have policies and regulations been developed in partnership with private-sector operators who will be impacted?

  • What are the emergency-response arrangements for a major cyberattack?

  • Is there a national emergency-response team? Are there emergency-response teams for key sectors?

  • What arrangements are there for the sharing of information to prevent and respond to a cyberattack? Are there clear reporting mechanisms for alerting the authorities to a cyberattack? What happens when a report is received?

  • How often are response arrangements tested and exercised?

  • How will the government ensure rapid recovery from a cyberattack?

  • Which agency or agencies have responsibility for the investigation of cyberattacks and online crime? What capabilities and capacity do those agencies have?

  • What capabilities and capacity does the government have to gather intelligence on cyber threats, assess them, and disseminate the analyses in a way that shapes action?

Cybersecurity compliance in government

Cybersecurity has increasingly become a major concern for the public sector. In 2015, the public sector suffered more confirmed data breaches than any other single industry and continues to be a top target for hackers seeking critical information or to disrupt government.


The Federal Information Security Modernization Act of 2014 amends the Federal Information Security Management Act of 2002 (FISMA). The goal is to provide information security protections commensurate with the risk and magnitude of the harm resulting from unauthorized access, use, disclosure, disruption, modification, or destruction of information and information systems.


Government organizations and all critical infrastructure as defined by the Department of Homeland Security (DHS) must invest in cyber and data protection.

Copyright @ 2020. Antares Security LLC. All Rights Reserved