- Cyber attacks or data breaches are the most significant threats to the public sector, both currently and in the next three years, according to Aon’s “Global Risk Management Survey”.
- The concerns of governmental organizations have intensified in the face of uncertain geopolitical situations and the development of artificial intelligence, which influences the automation of hacker activities.
- One of the most effective ways to minimize the effects, for instance, sensitive data leakage, is to implement a cyber risk response plan. It has already been decided by 89% of public organizations worldwide.
Cyber criminals increasingly target the public sector. Their victims in 2024 included, among others, Henry County in Illinois (ransomware attack), Chalosse Tursan commune in France, and the city office of Fürth in Germany. As a result of a DDOS attack in Germany, all the office’s websites got blocked. Reports of subsequent attacks increase the awareness of local governments about cyber threats and their consequences.
Cyber risk number 1 in the coming years
In Aon’s “Global Risk Management Survey,” representatives of the public sector acknowledged that cyber attacks and data breaches are currently their most important risks. Moreover, they also appeared to be the number one future risks, surpassing, among other things, fears of failure in attracting and retaining talents or a slowing down economy or its too slow recovery. As the study participants emphasized, this is related to the uncertain geopolitical situation.
– The war in Ukraine and other armed conflicts have increased the scale of cybercrime activities, which are mostly attacks arranged by organized criminal groups. Add to that the development of artificial intelligence, which influences the automation of these activities. Ultimately, we are not only facing data leakage, such as social security numbers, but also ransomware attacks causing system blocks. Many local governments have introduced the option for residents to handle matters online. Such an attack can, therefore, be very problematic. – says Tomasz Fabijański, Director for Business Development, Aon Poland.
– We also note an increasing number of cases of hackers using AI, for example, deepfake technology, which allows them to imitate the appearance and voice of specific individuals. This method is incredibly effective in attempts to extort data or money. AI tools can also be used in simpler phishing attempts, but also help analyze data or even write malicious software – adds Piotr Rudzki, Senior Broker, Aon Poland.
How to manage cyber risk in the public sector?
Aon checked whether the public sector is prepared for the threat of cyber attacks and whether it has implemented a policy for managing this risk. It turns out that currently, about 89% of territorial self-government units worldwide have implemented a risk plan or formal risk review, which includes, among others, quantification and evaluation, calculation of financing solutions, development of continuity plans and risk management plans.
– Local authorities do not need extensive knowledge in the field of cybersecurity. An effective way to limit the negative effects of attacks is to purchase cyber insurance. Earlier for this purpose, one should fill in, for example with the support of an insurance broker, a detailed risk assessment questionnaire, which in itself gives an overview of how the security level in a given local government unit looks. The broker will then present an offer that will best meet the needs of the particular local government unit – explains Tomasz Fabijański.
A cyber policy consists of three pillars of protection:
- Civil Liability – damages and defense costs against claims filed by third parties due to losses resulting from a cyber incident(, including disclosure, data loss or breach of third-party system security).
- Own damage – costs of restoring data, loss of profits, additional costs, administrative penalties (including GDPR, NIS 2), or even the cost of a cyber ransom.
- Costs and access to specialists in the field of event response – these include forensic IT, law firms, or PR companies.
However, not every local government can purchase this type of policy. Insurers have raised security standards of the insured IT in recent years. They should expect, among other requirements: the use of antivirus software and firewalls, regular creation of separate and tested backups, installation of critical updates, data encryption, or having continuity plans and data recovery plans in the event of a cyber incident.
– Public entities are one of the main targets of cyber criminals because they are seen as easy targets. There is a belief that the IT security budgets of such potential victims are low, and the chance of stealing data or resources is quite high. Local governments, in their concern for citizens, should, therefore, audit the state of their cybersecurity. The requirements set by insurers are indicators of good standards. On the other hand, an insurance policy can be the last line of defense when all other protections fail –adds Piotr Rudzki.
Source: https://managerplus.pl/cyberatak-i-naruszenie-danych-glownymi-zagrozeniami-dla-sektora-publicznego-wedlug-raportu-aon-14811