Cybersecurity is a contest between attackers and defenders. For far too long, governments have been defending their turf alone while attackers frequently target public-sector entities with little to no resistance, launching attacks with national ramifications. Despite rules and regulations meant to establish baseline controls, attacks continue to define a growing threat landscape. The harsh reality is that the threat surface has grown wildly beyond what governments can realistically defend.
The digital infrastructure that governments aim to secure is a product of private companies. There are limits to what the state can secure on its own, which means the focus must shift to closer collaboration with the private sector.
Let’s take a closer look at why an ideal defensive and offensive posture for risk management should entail a more collaborative effort from the government.
Rise in the scale and complexity of cyberthreats
Modern cyberattacks have gone many notches higher in terms of cadence, scale, and sophistication. Such attacks do not depend on a single vector. Palo Alto Networks found that 87% of intrusions across 750+ incident response cases targeted multiple attack surfaces, from endpoints and networks to cloud infrastructure, SaaS, apps, and identity. Intrusions spread laterally across connected systems, so defending one layer well isn’t enough when attackers can pivot through multiple access points in the same campaign.
Growing attack surface underpinned by everyday dependencies
Years ago, the attack surface felt like an attack on the organization’s operational perimeter. Today’s attacks have moved beyond this perimeter to include the functional elements of any organization, including cloud platforms, APIs, vendors and managed services providers. These third-party dependencies broaden the attack surface, giving cyber attackers more avenues to exploit. A compromise of a remote support tool enabled attackers to access multiple U.S. Treasury Department offices, an example of how third-party access can become the easiest entry point.
Technology ownership controlled by private entities
There was a time when major technology shifts and advancements were a direct outcome of research funded by different government entities. Examples of that include the origins of the Internet, global positioning systems (GPS), solar energy and many others. But things have changed, and it is the private sector that now drives technological advancements. Critical digital infrastructure is overwhelmingly built and operated by private entities, and the government doesn’t have total control over all its operational levers. This demands a change in thinking, requiring them to partner with the private sector to secure the infrastructure on which a country depends.
Cybercrime has gone industrial and is very persistent
Cybercrime is an industry with different specializations, services, tooling, and repeatable playbooks. And this industry is decentralized, meaning arresting