By Allen McNaughton, Director of Sales Engineering, Infoblox Public Sector
Last year was unprecedented for almost everybody in networking and cybersecurity, but particularly for those working in government IT. The COVID-19 shutdowns strained IT resources for governments at the federal, state and local levels, as teams were forced to secure remote workers almost overnight, even as they built out the infrastructure to make working from home possible. On top of building out cloud infrastructure to enable remote access, government IT teams also had to defend these new network architectures and legacy systems.
Like many organizations, the US government has had to shift gears to tackle well-resourced attackers capable of finding and exploiting unexpected gaps, and is quickly applying lessons learned from the cascading SolarWinds breach to do so. The US government is a constant target not only from well funded hacking organizations but also nation-states which requires rapid resolution not only within an agency but across the entire government.
To understand the foundational infrastructure challenges faced by networking and security decision-makers in federal, state, and local governments in the US, Infoblox and CyberRisk Alliance Business Intelligence conducted a survey of 294 senior-level federal, state and local government IT executives. The survey focused on the cloud-computing challenges that these organizations faced, which in recent months have been closely related to pandemic-related issues, as well as their financial and business continuity impact. The results of the survey were highlighted in a recently-released Cybersecurity Insight Report. Some of the survey’s key findings include:
- Cybersecurity breaches inflict multi-million dollar pain on government organizations: 81% of respondents estimated data breaches have cost their organizations at least $1 million.
- The majority of network outages exceed $1 million in damages: 60% of networking outages cost at least $1 million in operational disruptions, reputational damage, lost data, and financial losses.
- Networking and security challenges are inter-connected: 40% said preventing network outages was their top cybersecurity challenge, edging out the hiring and retention of qualified IT staff and securing cloud application data (38% each). Respondents rated network monitoring (73%) and threat intelligence (66%) as the most effective technologies for mitigating these challenges.
- Cloud networking attacks are rising: 84% of respondents experienced one or more cloud networking attacks in the last 12 months.
- As cyber attacks escalate, security budgets continue to grow: 67% of respondents’ budgets grew from 2019 to 2020 and 73% estimate an increase in 2021.
Fortunately, government IT teams are prioritizing network visibility and security investments to directly address their areas of top concern. This correlates with demand for core networking and security services, which has grown substantially year-over-year. As the leader in secure cloud-managed network services, Infoblox is helping different government organizations with their secure cloud transformation, leveraging BloxOneTM Threat Defense to source DNS traffic insights, along with other threat intelligence feeds and mitigation tools to provide end-to-end defense for on-premises and remote systems.
According to a U.S. Bureau of Labor Statistics study for 2017 to 2018, just 15% of workers worked from home before the pandemic, while 32% of state government workers did so. Today, the percentage of employees working from home is closer to 80% or more. As government IT professionals lean on network monitoring and threat intelligence as two of the most effective mitigation tactics, they are also able to take advantage of several emerging and existing technologies to further enhance their security posture. Monitoring the DNS traffic of these remote workers helps to give a holistic picture to the security professionals tasked with securing their networks.
As government agencies continue to learn from and adapt to the cybersecurity challenges faced by their IT teams, they should ensure a defense in depth strategy is taken, taking advantage of technologies such as securing DNS, helping to prevent costly data breaches and network outages, and potentially millions of dollars in losses.