Streamline your cloud experience and maximise your cloud investment with Microsoft Azure-aligned public cloud services.
Host all of your workloads in the most appropriate location while experiencing the simplicity of one cloud from Six Degrees.
Enhance your cyber security and safeguard your organisation with our cyber security strategy and advisory, consultancy, and managed services.
Connect your business through a comprehensive connectivity portfolio delivered via our owned and operated core Next Generation Network (NGN).
Secure your productivity on any device, anywhere, any time.
Streamline your hosting with comprehensive colocation services delivered from three UK data centres.
Gain clarity and control of your 5G estate, ensuring ongoing cost efficiencies are managed on your behalf through our managed service.
Gain confidence in your cloud direction and achieve accelerated time to value through our assured and optimised cloud services.
Master today’s complex threat landscape and protect your business with our intelligence-led security services.
Videos and webinars are a great way to digest the latest technology insights.
Our eBooks and whitepapers provide in-depth insights from our experts.
Our thought leaders publish regular blogs on up-to-the-minute topics.
Learn all about the latest news from Six Degrees as we continue to evolve.
We host regular in-person and virtual events for our clients.
Discover how Six Degrees has driven success for others.
Learn how we enable our clients to achieve more; providing superior secure solutions, powered by our passionate people.
We are proud to partner with many of the world’s leading vendors, enabling you to leverage our continual investment in difference-making technology.
Learn how CNS at Six Degrees delivers intelligence-led security services that protect organisations in today’s hostile landscape.
We are committed to operating in an environmentally and socially conscious way. Learn more about our commitments as a business.
We are proud of our secure cloud credentials. Learn why we’re one of the most highly accredited providers in the UK.
We are a friendly and passionate bunch here. Whether you want to work with us or for us, we think you’ll enjoy the Six Degrees experience.
Home » Blogs » The Challenge of Public Sector Cyber Security
Both the private and public sectors faced around 18 denial of service (DoS) attacks per minute, and malware infections rose by an estimated 358%.1
In the face of these constant and evolving attacks, cyber security and risk management spending is set to reach more than $150 billion (£108 billion) by the end of 2021, representing an increase of over 10% compared to 2020.2
As public sector organisations attempt to shield themselves from cyber-attacks, government policy and spending is in the process of reacting to this new landscape. In the UK alone, the government has committed to spending £1.9 billion on the National Cyber Security Strategy.3
While facing similar threats to those encountered within the private sector, public sector organisations also face their own unique set of cyber threats and challenges. As a result, implementing an effective cyber security strategy is absolutely essential.
In this article, we’ll be looking at the unique cyber security challenges the public sector faces with the help of some real-life examples. Let’s get started.
Further reading: If you want to learn more about effective cyber security strategies within the public sector, take a look at our blog — Fundamentals of Public Sector Cyber Security
We’ve already highlighted the rising cost of both cyber crime and cyber security, so it should be no surprise that public sector spending is one of the largest constraints when it comes to cyber security.
The reality is that most public services have far stricter budgets than organisations operating in the private sector. Indeed, public sector organisations are often competing against each other for a limited amount of funding, and have to deal with the added scrutiny and pressure that comes with spending public money.
As a result, IT managers in the public sector are increasingly being asked to bring in the best talent and use the latest technologies without the funding necessary to do so.
As we’ll discuss later, the cyber security sector is suffering from a massive skills gap as demand skyrockets. This means that there just aren’t enough experts to go around, and the public sector has to compete with private sector organisations who are able to outspend them in order to secure talent.
Added to this is the cyclical problem of changing public sector budgets due to government and policy changes. Effective cyber security needs to be consistent and iterative, which can be difficult when budgets and priorities constantly evolve.
As highlighted above, there is currently a significant skills gap in the UK cyber security sector.
For example, the most common cyber security qualification is the Certified Information Systems Security Professional (CISSP) accreditation. However, only 19% of cyber firms have any CISSP-accredited staff. This shortage of skilled workers has left 653,000 organisations in the UK with a basic cyber skills gap, and 408,000 organisations with an advanced cyber skills gap.4
This skills gap has already impacted the public sector, with only 13% of Local Authorities using cyber crime insurance, and more than half of all public sector workers lacking basic cyber security skills, such as the ability to recognise ransomware or an understanding of what two-factor authentication is.5
Even as more cyber skilled workers enter the job market, public sector funding is increasingly insufficient to attract those workers away from higher-paid jobs in the private sector.
Current staff need to be trained and upskilled, while IT managers are increasingly expected to shoulder security responsibilities. The result of this is ultimately heavier workloads, increased responsibilities and stretched resources.
Unlike their counterparts in the private sector, public sector organisations and local government departments have to justify any increases in spending to the general public.
The reality is that cyber security spending is not a priority in comparison to healthcare, policing, and other vital public services.
For example, the UK spent £44.6 billion on the military in 2020/21 alone, compared to £1.9 billion on the National Cyber Security Strategy, despite the disastrous consequences a successful cyber-attack and data breach can have.6
In 2017, more than 60 NHS trusts were hit by WannaCry ransomware. In some cases, these trusts were rendered vulnerable to WannaCry because their Windows operating systems were more than 15 years old and no longer updated or supported by Microsoft.7
Unfortunately, public spending on cyber security is still not high profile enough to register with most voters as a genuine necessity, keeping cyber security budgets low despite the potential consequences for public services in the event of a successful cyber-attack.
Following on from the point above, despite not getting a level of funding comparable to the risk, cyber security breaches in public sector organisations can have enormous consequences.
Local Authorities were responsible for half of all data breaches recorded in the UK in 2020, and public sector bodies receive more Information Commissioner’s Office (ICO) security compliance-related fines than any other type of organisation.8
Local Authorities hold vast amounts of sensitive data, but don’t always have the budgets, training, or expertise required to secure that data properly.
The public sector also faces cyber threats from hostile states. In recent years, it has been reported that the UK has been the target of a Russian attempt to steal coronavirus vaccine research, and a Chinese attack on Microsoft Exchange servers.9
Political cyber activists, or hacktivists, including the group known as Anonymous, have previously targeted public sector organisations with DDoS attacks and social media profile takeovers, causing major disruption and political embarrassment.
Since any attack against a public sector organisation has a severe impact on the government’s ability to offer services, from healthcare to emergency services, the cyber security stakes for the public sector are always high.
Market-leading cyber security providers like Six Degrees represent a viable solution to the unique challenges faced by public sector organisations.
By partnering with Six Degrees, Local Authorities, NHS Trusts, police departments, and a range of other public sector organisations can overcome the current cyber security skills gap with the help of highly trained industry experts.
Six Degrees offers a range of flexible cyber security solutions, including:
To find out more about the services Six Degrees offers and how they could revolutionise your organisation’s approach to cyber security, contact us today.
Suggested reading: For advice and insights on explaining the value of cyber security to the board, check out our free resource — Board Presentation Toolkit: Cyber Security and Threat Management
How and Why You Should Adopt a Cost-Benefit…
Planning for the Future of Cyber Security Today…
Unprecedented events have forced the world as we…
More information on our Privacy and Cookies Policy can be found here: https://www.6dg.co.uk/privacy-cookies/. You can update how we contact you in the future by visiting our Communications Preference Centre here: https://www.6dg.co.uk/preference-centre/.