Protecting the public sector from hackers

The words ‘Protecting the public sector from hackers’ overlaid on a lightly blurred, low saturation image of a squiggly line of energy representing cyber attacks and cyber chaos. Decorative: the words ‘public sector’ and ‘hackers’ are in yellow, while other words are in white. The ITPro podcast logo is in the bottom right corner.
(Image credit: Future)

While the private sector makes a lucrative target for threat actors, the public sector is also under constant threat of cyber attacks.

In October 2023, the British Library was hit by a major ransomware attack and the founder and CEO of the National Cyber Security Centre (NCSC) Ciaran Martin told the BBC that recent attacks on the UK’s National Health Service were not surprising given its outdated systems and cyber policies.

But what might these updates look like? And on a national level, what can be done to protect the public sector from further attacks?

In this episode, Jane and Rory speak to Jonathan Lee, public sector lead at Trend Micro, to discuss the attacks targeting the public sector and what can be done to stop them.

Highlights

“I think what we're starting to find is all of these things are providing citizens with a service, whether it be something that's as critical as your health and your physical wellbeing and your mental wellbeing, in the case of the NHS, or critical services that the likes of a council in Cheshire are providing, if the rubbish is not collected this public health issue there as well. So all of these things are important, there's obviously always going to be a scale that operates at like I mentioned, catastrophic harm, obviously the ultimate catastrophic harm is someone losing their life, which could happen as a result of a cyber attack on the NHS, for example. But then we've got the MoD, we've got all of these different areas that are open to threat actors.”

RELATED WHITEPAPER

“So doing the basics right, first and foremost, is really important. But then I think it's all about articulating the importance within an organization, be it a hospital, a government department, a local authority, or in education, it's about articulating from a technical level to the board, the importance of being resilient. Because cybersecurity is effectively a business risk.”

“I think we're further behind than we would like to be in that area around supply chain security. In fact, the NHS has just released a £4.3 million pound fender for a contract to review cybersecurity risks to critical NHS infrastructure, and obviously feels like it's a little bit late with what's happened to the Synnovis.”

Footnotes

Subscribe

Rory Bathgate
Features and Multimedia Editor

Rory Bathgate is Features and Multimedia Editor at ITPro, overseeing all in-depth content and case studies. He can also be found co-hosting the ITPro Podcast with Jane McCallion, swapping a keyboard for a microphone to discuss the latest learnings with thought leaders from across the tech sector.

In his free time, Rory enjoys photography, video editing, and good science fiction. After graduating from the University of Kent with a BA in English and American Literature, Rory undertook an MA in Eighteenth-Century Studies at King’s College London. He joined ITPro in 2022 as a graduate, following four years in student journalism. You can contact Rory at rory.bathgate@futurenet.com or on LinkedIn.