Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecuritySecurity NewswireSecurity Leadership and ManagementAccess ManagementIdentity ManagementCybersecurity News

Cutting the Cost of Public Sector Cybercrime in 2018

By Ger Daly
cyber5-900px.jpg
January 12, 2018

Sophisticated cyber threats against governments are increasing in frequency and severity, demanding heightened vigilance. In 2017, the White House published the Cybersecurity National Action Plan (CNAP) to address what the administration sees as weakness in cybersecurity preparedness within federal government, private sector business and among citizens. As we enter 2018, it’s important to understand the costs associated with cybercrime and to identify steps to reduce the financial impact of such attacks on government agencies.

Accenture recently collaborated with the Ponemon Institute to understand how cyber crime is impacting public and private sector industries, including government, and to explore the steps organization have taken in recent years to improve security effectiveness.

The Cost of Cyber Crime Study’ surveyed more than 2,000 security and IT professionals in 254 organizations worldwide and found that cyber attacks are not slowing down. Quite the contrary: The number of cyberattacks against government agencies is increasing, with public sector organizations experiencing 53 such attacks on average per week during 2017.

The study also found that the average cost of a successful public sector cyber breach rose from $6.77 million in 2016 to $8.2 million in 2017. For all organizations studied, web-based and malware attacks remain the most common, with each web-based attack costing the impacted organization an estimated $85,583 and each malware attack costing on average $6,500.

In 2017, state-sponsored actors and cybercriminals produced more viral variants of ransomware than ever before – setting a new bar for government cybersecurity teams. Ransomware such as WannaCry and the highly destructive Petya variant cost public sector organizations on average $83,597, an increase from $76,513 in 2016.

While the occurrence of cyberattacks is increasing, there are actions organizations can take to better protect themselves and reduce the number and impact of security breaches.

 

Get the Security Basics Right:

Significant breaches share three common traits:

  • They have long term financial effects.
  • Organizations have underestimated the value of their data.
  • They are the result of multiple points of failure.

Now more than ever, it is critical that organizations implement basic data-centric security measures. The first step is to identify the data or assets that are most critical to operations. Securing high-value assets makes it difficult and expensive for adversaries to achieve their goals, while limiting damage if they do gain access.

Having strong network security in place will also ensure that data is protected beyond “the four walls” of an organization, be it within the cloud or within external field operations. Additionally, organizations that monitor the behavior of users and applications limit an attacker’s maneuverability and enable a continuous response model, whereby an organization assumes it has been breached and uses incident response and threat hunting teams to look for the next attack.

 

An Organizational-Wide Cybersecurity Strategy

The high cost of cybercrime underscores the need for public sector organizations to strategically plan and closely monitor security investments. To keep pace with sophisticated and highly motivated attacks, organizations must adopt a dynamic, nimble security strategy that builds resilience from the inside out and aligns with business objectives.

Innovation is a key driver in developing sustainable strategies that can adapt to evolving organizational needs and deliver effective security measures at scale and across multiple locations.

Security also must be supported with dedicated budget and programs, as well as a clear leadership vision. To safeguard assets, government leaders must drive modern, proactive and agile strategies that can quickly identify and respond to digital security risks. Prioritization is another essential element of any security strategy. Once an agency has conducted a risk assessment, it can take steps to protect what’s most vulnerable and essential. Because breaches can happen at all levels of government, it’s also important for agencies to develop protocols that can be leveraged by federal, state and local officials.

 

How Innovative Technology Can Drive Resilience

By developing technology capabilities that enhance user experience and increase productivity, organizations not only increase digital uptake but also improve their ability to counter advanced security threats. New and disruptive technologies can help public-service organizations integrate cyber defenses deeply into their organizations and enable a comprehensive end-to-end approach to security. As a first step, agencies should conduct a thorough assessment of their cybersecurity capabilities, while "pressure-testing" their defenses to determine whether they can withstand a targeted attack. They should also assess and minimize their network exposure, focusing on protecting priority assets and identifying new areas for investment. Being ‘brilliant’ at these basics will make it incredibly difficult for attackers to succeed.

Our research indicated that security intelligence systems and advanced identity and access governance are the two most widely deployed security technologies among public sector organizations. Meanwhile, just more than half of public sector respondents (55 percent) said they were currently deploying security intelligence tools within their organization. Technologies such as cloud-based email analytics can also be used to identify and quarantine known threats, and artificial intelligence (AI) and biometrics must also play a part. AI can dramatically increase security in IT environments by using behavioral profiling to detect anomalies that may indicate a threat.

 

Ensure Strong Governance

Effective security requires strong leadership and cross-organizational support, as well as the proper governance measures. A Chief Information Security Officer (CISO) should have the authority to define and manage the organization’s security strategy and to communicate directly with all functional leads. Cross-operational governance controls can help leaders effectively measure results, assess the strategy, evolve the organization’s posture and realize the best use of resources. Where a CISO does not have the authority to set strategy or access leadership, governance and controls are less effective.

Organizations must also focus on accountability and nurture a cybersecurity-minded culture that measures and reports cybersecurity performance, develops attractive cybersecurity incentives for employees and creates a clear-cut cybersecurity chain of command. Leaders need to redefine cybersecurity success as more than simply achieving compliance targets. The right level of visibility and authority is critical to discovering and responding to threats in a timely manner.

Government agencies should approach cybersecurity with an organizational mindset -- one capable of continually evolving and adapting to new threats. State-of-the-art cybersecurity requires investments in innovation and training, as well as leadership buy-in and support. In today's connected world, government, citizens, employees and industry stakeholders must all be actively involved in preventing and fighting digital threats. Effective cybersecurity depends on all stakeholders working together to anticipate and respond to attacks – this will ensure our government agencies deliver on their missions to protect citizens and deliver citizen services.

KEYWORDS: Artificial Intelligence (AI) Security cyber security cybercrime security analytics

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Ger daly security magazine
Ger Daly is senior managing director for Accenture Defense and Public Safety with global responsibility for defense, policing, and border and identity business services. He leads a team of dedicated professionals who assist government and public service organizations that manage the cross-border movement of people, provide national and international security and manage criminal justice systems. Daly’s defense industry experience spans large-scale enterprise resource planning programs (ERP), supply chain logistics and a range of technology programs that include cloud, data analytics, predictive analytics, and mobility services.He joined Accenture in 1988 and holds a Bachelor of Electrical and Electronic Engineering from University College Cork in Ireland. He lives in Dublin.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Top Cybersecurity Leaders
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cyber Tactics Column
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Internal computer parts

Critical Software Vulnerabilities Rose 37% in 2024

Coding

AI Emerges as the Top Concern for Security Leaders

Half open laptop

“Luigi Was Right”: A Look at the Website Sharing Data on More Than 1,000 Executives

Person working on laptop

Governance in the Age of Citizen Developers and AI

Shopping mall

Victoria’s Secret Security Incident Shuts Down Website

2025 Security Benchmark banner

Events

June 24, 2025

Inside a Modern GSOC: How Anthropic Benchmarks Risk Detection Tools for Speed and Accuracy

For today's security teams, making informed decisions in the first moments of a crisis is critical.

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

From animal habitats to bustling crowds of visitors, a zoo is a one-of-a-kind environment for deploying modern security technologies.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • industrial

    Human Error Caused 52 Percent of Cybersecurity Incidents in the Industrial Sector in 2018

    See More
  • Cybersecurity Leadership Images

    Cybercrime to Cost Global Business $8 Trillion in the Next 5 Years

    See More
  • Stormy weather

    Natural Disasters Cost the U.S. $91 Billion in 2018

    See More

Related Products

See More Products
  • databasehacker

    The Database Hacker's Handboo

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing