Data security is essential for Government

May 2015 Government and Parastatal (Industry), Information Security

Cybercrime is a burgeoning threat, not only to business but also to governments all over the world. The increasing number of highly publicised examples of cybercrime activities being used against governments or for political gain highlights this trend.

The need for controls to protect unauthorised access to sensitive information is clear. However, while cybercrime may be the main driver behind these efforts, data security covers so much more than just cybercrime. Worldwide, data protection legislation is driving a growing body of best practice with regard to securing information from all manner of threats, both internal and external, and government will benefit significantly if they become part of this movement in order to prevent data from falling into the wrong hands.

With regards to data security in government, breaches are a global phenomenon, perpetrated for a number of reasons including financial gain, political leverage and more. South Africa is no different, as recent events have highlighted, and cybercrime is one of the biggest culprits of such events. From commercial enterprises to the public sector, cybercrime costs billions of Rand each year, and revisions to local legislation are thus underway in an effort to curb this alarming trend.

However, online threats are by no means the only danger to sensitive information, and many incidents of data breaches have occurred as a result of the simplest of methods, from printing confidential documents to copying unauthorised files onto a USB drive and simply walking out of the building. Government is faced with a number of challenges in this regard. There are so many ways of leaking information, from email hacking to unauthorised copying of information and everything in between. In addition, different departments have different priorities and different sensitive data.

Levels of classification

Compounding this is the fact that there are currently many different levels of maturity across the organisation, so it is not possible to have the same standards applied across the board. As a result, while frameworks and guidelines can be put into place, specifying the type of controls that should be in place, the specifics and details will vary from one department to another.

Ensuring data security requires governments to control the flow of data, understand their infrastructure, and most importantly, begin security with the process of collecting data. Starting from the beginning of the data lifecycle is key from the perspective of auditing and forensics. Understanding which information is confidential or sensitive, and classifying data accordingly, is essential. From there it is possible to implement logging, monitoring and alerting systems to flag incidents of unauthorised data access. This is crucial, however, it is only one element in the chain of security, as it provides no protection – only a reactive view of events once they have already occurred.

Once data classification and monitoring has been implemented, government can examine other technologies for the protection of information. The key here is to understand what data there is, and what government priorities are. This comes back to the importance of data classification, as without this no organisation, government or otherwise, can implement proper controls. It is simply not practical to protect everything, particularly in light of the rapid rate at which data volumes are expanding, so prioritisation is essential.

Agile adaptation

Simeon Tassev, director and QSA at Galix.
Simeon Tassev, director and QSA at Galix.

Preventative technology is the next step, along with vulnerability management and continuous vulnerability monitoring. Data security requires an understanding of the environment as well as the potential risks, which are constantly evolving, so security needs to adapt in an agile manner to these changes. Network access controls, mobility management systems and more can then be implemented on top of this.

When protecting data, there are many technologies that can be used to develop a tailored and layered solution to address the various requirements of government. However, any security solution starts first and foremost with the data itself.

Data must first be classified, after which policies, procedures and frameworks need to be implemented and enforced across all departments. Without these, security, no matter how sophisticated the technology, cannot be enforced. Data security begins with strategy, not with specific tools, and hinges on a solid understanding of where data is, what data is, and which information is sensitive, confidential or in need of protection.

For more information contact Simeon Tassev, Galix, 086 1 2 GALIX, [email protected]





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

There is a SaaS for everything, but at what cost, especially to SMEs?
Editor's Choice Information Security Security Services & Risk Management
Relying on SaaS platforms presents significant cybersecurity risks as the number of providers in your landscape increases, expanding your attack surface. It is important to assess the strength of the SaaS providers in your chain.

Read more...
Addressing today’s mining challenges: cyber risks beyond IT
Editor's Choice Information Security Mining (Industry)
Despite the mining industry’s operational technology systems being vulnerable to cyberattacks, many decision-makers still see these threats as purely an IT issue, even though a breach could potentially disrupt mining operations.

Read more...
How to effectively share household devices
Smart Home Automation Information Security
Sharing electronic devices within a household is unavoidable. South African teens spend over eight hours per day online, making device sharing among family members commonplace. Fortunately, there are methods to guarantee safe usage for everyone.

Read more...
Fortinet establishes new point-of-presence in South Africa
News & Events Information Security
Fortinet has announced the launch of a new dedicated point-of-presence (POP) in Isando, Johannesburg, to expand the reach and availability of Fortinet Unified SASE for customers across South Africa and southern African countries.

Read more...
New tools for investigation and robust infrastructure security
News & Events Information Security
Cybereason continues to enhance its security platform, with recent updates introducing improvements in file search operations, investigation query results, and cloud workload protection, providing more granular data and faster key artefact identification.

Read more...
NEC XON shares lessons learned from ransomware attacks
NEC XON Editor's Choice Information Security
NEC XON has handled many ransomware attacks. We've distilled key insights and listed them in this article to better equip companies and individuals for scenarios like this, which many will say are an inevitable reality in today’s environment.

Read more...
Cybersecurity and AI
AI & Data Analytics Information Security
Cybersecurity is one of the primary reasons that detecting the commonalities and threats of what is otherwise completely unknown is possible with tools such as SIEM and endpoint protection platforms.

Read more...
Data security and privacy in global mobility
Security Services & Risk Management Information Security
Data security and privacy in today’s interconnected world is of paramount importance. In the realm of global mobility, where individuals and organisations traverse borders for various reasons, safeguarding sensitive information becomes an even more critical imperative.

Read more...
Sophos celebrates partners and cybersecurity innovation at annual conference
News & Events Information Security
[Sponsored] Sun City hosted Sophos' annual partner event this year, which took place from 12 to 14 March. Sophos’ South African cybersecurity distributors and resellers gathered for an engaging two-day conference.

Read more...
The CIPC hack has potentially serious consequences
Editor's Choice Information Security
A cyber breach at the South African Companies and Intellectual Property Commission (CIPC) has put millions of companies at risk. The organisation holds a vast database of registration details, including sensitive data like ID numbers, addresses, and contact information.

Read more...