
Two significant technical shifts will be important in the effort to build cyber resilience in the public sector, according to the Society for Innovation, Technology and Modernisation (Socitm).
Its new Public Sector Digital Trends report points to the increasing importance of transport layer security (TLS) and zero trust networking as strategies to face up to new cyber threats and risks.
The report’s technical trends section says the move to TLS – a cryptographic protocol designed to provide secure communications over a computer network – has been prompted by an increase in the vulnerabilities of the older secure sockets layer (SSL) approach.
TLS is said to authenticate more efficiently, improve data integrity and confidentiality, and provide stronger resistance to ‘man in the middle’ attacks – when a perpetrator positions themselves in a conversation between a user and an application.
It is used widely for web browsers and is recognised as good practice to ensure the most secure connection is being used between a web service and a client's browser.
Padlock on browsers
Socitm associate director Mark Brett commented: "Over the past few years the cyber crime rate has continued to rise; we’re always told to look for the 'padlock' on web browsers. That’s where the TLS comes in.
"The next step is to try and enforce the highest level of security across that padlocked web connection. Web servers use what are known as 'cipher suites', which range from very secure down to acceptable as a way of understanding them.
"A connection is programmed and will always try to enforce the highest level of security; if not, it will move down to the next level. These connections are then enforced through the use of digital certificates, which again certify the connection is genuinely secured and the site is who it says it is.
"So the move to TLS in web services continues to keep the majority of websites safe and secure."
He added that there has now been a 100% transition to TLS for email among councils.
Threats inside and outside
The zero trust model assumes that threats can exist inside and outside a network’s perimeter and always requires verification for access to a system, even when the request comes from inside an organisation’s network.
Its use has been advocated by the National Cyber Security Centre, which published a set of principles for network architecture in 2021.
Brett said that not trusting the network allows the security focus to shift from the network itself to securing the services.
The report also highlights two rising trends in the form of AI-driven cyber attacks – notably through phishing, social engineering and deepfakes – and vulnerabilities in cloud environments and internet of things devices. These are intensifying the continuing threats from ransomware, multifaceted extortion tactics and supply chain attacks, Socitm says.
It adds, however, that AI also provides the potential to strengthen cyber defences by analysing network traffic in real time to flag up unusual patterns and attempts to exfiltrate data; and by identifying new and evolving forms of malware.
AI potential
The report says: “Skills and capabilities will continue to be stretched, while new opportunities are emerging to harness AI for cyber protection, not only enhancing the ability to detect and respond to threats efficiently but also shaping a more resilient organisational structure. AI enabled cyber compliance and threat protection services will become more common.
“This forward thinking approach will ensure robust protection against the ever-evolving cyber risks, safeguarding critical data and maintaining operational integrity in an increasingly digital world.”