Hughes leaders attended the recent National Association of State Technology Directors (NASTD) Annual Conference where Doug Robinson, executive director of the National Association of State Chief Information Officers (NASCIO) and Amanda Crawford, executive director and CIO for Texas, hosted a “State of the States” presentation. Their comments were based on the 2020 Deloitte-NASCIO Cybersecurity Study that explored government CIO priorities and perspectives.
Robinson and Crawford noted that sixty percent of CIOs in the study said the greatest cybersecurity risk to state governments is ransomware attacks. Furthermore, the top priorities for those CIOs in the next 2-3 years will be the adoption or expansion of enterprise identity and access management solutions. This is yet another reason why government agencies should be modernizing their networks and taking advantage of commercial innovations. The reality is that the legacy network technology in government agencies often struggles to provide adequate and up-to-date cybersecurity.
New Risks, New Mitigations
With more remote users and mobile devices (or endpoints) on them, networks become more vulnerable to sophisticated and targeted cyber-attacks, such as ransomware. But endpoint risk isn’t defined solely by the number of users on the network. Shifting to a cloud environment, largely driven by Software as a Service (SaaS), amplifies risk. Collectively, these users, endpoints and access paths comprise—and increase—the “attack surface.”
The latest network security services and solutions are engineered to address such issues. One option is a security fabric that brokers identity-based control and context before granting network access. This approach, referred to as SASE (pronounced “sassy,” the acronym for Secure Access Service Edge), supports dynamic secure access to network resources. SASE integrates several existing security technologies and practices, deployed primarily via the cloud, to create a holistic, network-wide security framework.
For even tighter security, CIOs and state IT Directors can consider a Zero Trust Model applied to the SASE framework. Zero Trust assumes that no request can be trusted automatically. Instead, every access request is verified before permission is granted, no matter where that request comes from. With SASE incorporating a Zero Trust approach, the security fabric further reduces the attack surface. The result? Significantly decreased risk and heightened security across the entire network—regardless of how many endpoints or how widely distributed the network.
The Added Benefit of Managed Services
Crawford and Robinson shared that sixty percent of the CIOs polled also said they intend to expand their managed services model over the next three years to better support these and other IT initiatives. This is good news for state networks as there are added benefits to realize from marrying technologies and solutions like SASE with managed services like Managed Software Defined Wide Area Networking (SD-WAN). Applying SASE ensures that security envelops the network, expanding protection to cover any access or endpoint. This secures each device and user rather than just points along the network itself. What’s more, Managed SD-WAN consistently deploys the latest firewall, intrusion detection, and virus/ransomware alert technologies to augment SASE’s access and resource controls.
Finally, Crawford and Robinson noted that 94% of CIOs surveyed see an increase in demand for digital government services since the pandemic. Examples include Managed Digital Signage and Managed Wi-Fi to support touchless self-help kiosks, directional signage and wayfinding, or a queuing and line management system. With the advancements in commercial managed network services and digital solutions, state IT teams are well positioned to expect more from their networks.