Public Sector and Malware: How Can We Protect Our Cloud?

Ranging from local governments to federal agencies, public sector organizations are increasingly putting data and applications in the cloud. Whether to streamline access, leverage variable capacity and anticipated security of cloud platforms, or decrease pressure on IT teams, transition to the cloud continues to grow. In its report, 10 Hotspots in State & Local Government Contracting for 2024, GovWin by Deltek, Inc. reported a 39% increase in bid requests from state and local governments for cloud service types including infrastructure-as-a-service, platform-as-a-service, software-as-a-service, and storage-as-a-service. 

In parallel, the frequency and sophistication of cyberattacks against public sector systems on cloud platforms are also on the rise. Threat actors see public sector organizations as targets likely to hold large amounts of personally identifiable information (PII) that can be exported and exploited, and likely to have the assets needed to quell an attack. In addition, organizations providing safety, welfare, and human services are particularly vulnerable to downtime from ransomware encryption attacks, elevating the potential for a quick payoff to the attacker.

Once ransomware, spyware, or advanced persistent threat (APT) malware enters a system, there is an immediate risk of losing control over sensitive data through encryption or exfiltration. When spyware and APTs go undetected, the potential for future attacks or data theft increases. The most common approach to protection from the inevitable attack is to prepare a recovery plan while mounting multiple internal and external lines of defense. However, malware protection can also incorporate prevention measures.

Malware Protection

A prevention strategy that provides protection from malware-based cyberattacks must start at the perimeter and continue all the way into the storage container. Malware scanning must be done when data is received and when it is stored. Preventing malware attacks requires real-time detection, timely alerting and mitigation (quarantine, analysis, detonation), and persistent scanning of stored data to help ensure that no APTs are lurking in the background and that no other malware has been introduced through intentional or unintentional actions.

Protection in the Cloud

While the built-in security of most cloud platforms provides excellent access control and offers strong backup and recovery services, the options for malware scanning and prevention are limited. This is especially true for companies operating in AWS GovCloud Regions. Regardless of cloud provider, protecting the confidential information stored and used in the cloud from ransomware and other malware attacks is something that every organization should consider.

In its Cost of a Data Breach Report 2024, IBM noted that the average cost of a data breach globally reached $4.88 million in 2023, representing a 10% increase over the previous year. Adding to the loss of productivity and income, victims also suffer substantial reputation damage when they cannot provide secure and trusted service to clients.

Public sector organizations using a container-based cloud system do have some options to implement additional services, such as malware scanning, that layer on top of platform security features. To be the most effective, scanning solutions should:

  • Be automated
  • Operate in-tenant
  • Be executed at ingress, use, and egress
  • Include regular and persistent scanning of stored data
  • Apply multiple threat engine scanning
  • Deliver immediate alerts and regular reports
  • Offer simple management and control for single or multi-cloud deployments
  • Comply with requisite regulations and mandates
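
The following sketch is an added example, not code from the original post or from any scanning product. It shows why the ingress scan described under Malware Protection and the persistent, multi-engine scanning in the list above are both needed: an object that is clean at upload can be flagged later, once signatures are updated. The in-memory ScannedBucket class, the engine names, and all signature and payload bytes are hypothetical, constructed stand-ins for a real storage container and real threat engines.

```python
import hashlib

class ScannedBucket:
    """In-memory stand-in for a storage container with scanning in the write path."""
    def __init__(self, engines):
        self.engines = engines  # name -> callable(bytes) -> bool (hypothetical engines)
        self.clean, self.quarantine, self.alerts = {}, {}, []

    def _hits(self, data):
        # Multi-engine verdict: one engine flagging the object is enough.
        return [name for name, scan in self.engines.items() if scan(data)]

    def _isolate(self, key, data, stage, hits):
        self.quarantine[key] = data  # held for analysis, never served to readers
        self.alerts.append({"key": key, "stage": stage, "engines": hits})

    def put(self, key, data):
        """Ingress scan: a flagged object never reaches the clean store."""
        hits = self._hits(data)
        if hits:
            self._isolate(key, data, "ingress", hits)
            return False
        self.clean[key] = data
        return True

    def rescan(self):
        """Persistent scan: re-check stored objects against current signatures."""
        moved = [k for k, d in self.clean.items() if self._hits(d)]
        for key in moved:
            data = self.clean.pop(key)
            self._isolate(key, data, "at-rest", self._hits(data))
        return moved

def demo():
    """Constructed inputs: one known-bad upload, one object flagged only later."""
    bad_hashes, bad_patterns = set(), [b"CONSTRUCTED-TEST-SIGNATURE-A"]
    bucket = ScannedBucket({
        "hash": lambda d: hashlib.sha256(d).hexdigest() in bad_hashes,
        "pattern": lambda d: any(p in d for p in bad_patterns),
    })
    bucket.put("report.pdf", b"quarterly figures")
    bucket.put("upload.bin", b"..CONSTRUCTED-TEST-SIGNATURE-A..")  # blocked at ingress
    dormant = b"constructed payload no engine knows yet"
    bucket.put("invoice.doc", dormant)  # passes: no signature exists at ingress
    bad_hashes.add(hashlib.sha256(dormant).hexdigest())  # later signature update
    bucket.rescan()  # the stored object is now caught and quarantined
    return bucket
```

Calling demo() returns a bucket whose alerts list records one "ingress" detection and one "at-rest" detection, the second of which an ingress-only scanner would never have raised.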

 

Compliance and Service Availability

There are varied regulatory requirements and procedures for every public sector cloud implementation. Compliance is often assured by the cloud platform provider for core functions, but for additional services such as malware scanning, confirming certification and compliance of scanning packages is a fundamental requirement. Partnering with a trusted government contractor to find the best compliant solution that works within the cloud environment(s) will provide the safest path forward, ensuring operation within the correct regions (i.e., GovCloud) and alignment with FedRAMP.

Implementing Protection with Cloud Malware Scanning

When moving to the cloud, public sector leaders should ask themselves: “Are we ready to respond to a cyberattack, but more importantly, what are we doing to protect our data and prevent attacks in the first place?” If malware protection is not in the plan, it is time to take another look.
