Webinar Recap: Cybersecurity in the Public Sector

cybersecurity in the public sector: maximize your Microsoft Security investment.

The public sector has become a favored target for cybercriminals globally. Not only for their valuable data but because their legacy security is being outpaced by the technological evolution.  

Difenda understands that public sector organizations face unique challenges when it comes to cybersecurity. A lack of skilled personnel and staffing shortages can cause difficulties when creating an effective security program. But strict compliance mandates and budgetary uncertainties cause their own host of problems.  

In a recent webinar, Megan Miller, and Jamie Hari, Difenda’s cybersecurity experts discussed innovative strategies for public sector organizations to protect their environment. This webinar covered building an integrated security approach, maximizing on your current security investments and our Microsoft-backed attack-driven approach to identify threat hunt criteria from IT to OT and beyond. 

Here are some of the biggest takeaways from the event.  

Top security challenges in the public sector

The public sector has experienced a series of pain points as a result of rapid changes to cybersecurity over the past two years. These include:  

  • New complex frameworks, regulations, and standards: Currently, overlapping and complex frameworks are causing administrative and financial challenges. Luckily, many agencies are looking to simplify these standards and make regulations easier to navigate in the near future.  
  • Operation efforts are increasing but resources are stagnant: With remote work expanding the threat surface and an increase in attack complexity, organizations need to be more efficient with their tooling. The public sector is constantly experiencing a shortage of resources, training issues and high turnover rates. It is time to consolidate services and do more with less.  
  • Increased threats around critical infrastructure and operational technology: Operational technology (OT) has now become the target of thousands of cyber-attacks. Threat actors are consistently leveraging OT environments as the point of entry or even as the end goal of attacks. The public sector needs to think about their organizations more wholistically and create strategies that marry incidence response, remediation and personnel for both IT and OT.  
  • Increased threats from organized crime and nation-state actors: New tools and technology are constantly developed by nation-state actors and are becoming available on the dark web. As seen by multiple attacks in the past few years, such as with Canada Revenue Agency, the public sector is not immune. Luckily, Microsoft is investing in tools and capabilities to address these issues, specifically in the public sector.  
Integrated response capabilities are the future of security operations - Jamie Hari

Why are public sector security programs failing?

The idea of an internal cybersecurity team was the goal two years ago. But, with remote working, the lack of cybersecurity professionals available, and of course reduced funding, that idea is now an impossibility. Leveraging shared models and cooperative services is the only way to keep up with demand today. 

Over the past two years, integration has been key for cybersecurity and threat actors. Increased integration allows remote workers to do more and connect better with their teams. But it also allows attackers to navigate further into security networks. Unfortunately, integration capabilities have outpaced many internal security teams’ abilities to keep up. Moving forward, all cybersecurity programs need to refocus on leveraging external automation and orchestration capabilities to protect their highly integrated environments.  

Additionally, security programs need to be organizational efforts encompassing all the people, processes, and technologies involved. One of the key reasons public sector security programs fail is a lack of organizational buy-in, especially from the senior level. For a successful program, there need to be comprehensive incidence response processes that include the marketing department, human resources, legal department and public relations, not just the IT staff.  

The modern approach to managed security services

Often, in public sector organizations changes to security posture revolve around budget or a security event. The challenge is that those don’t often align with establishing a comprehensive framework. Creating a simple roadmap to a sustainable defense will accelerate modernization and hit targets all without blowing your budget.

Hari outlined four key stages to an effective cybersecurity program in today’s public sector environment: 

  • Public sector organizations need to start by getting an understanding of their current assets. Not just listing physical locations of technology but, understanding where their sensitive data lives. By pre-classifying and maintaining good asset inventory hygiene, you set the foundation to make intelligent decisions about your security program.  
  • The next step is leveraging threat defenses that your business already has. Gaining visibility into your network and the ability to respond and block threats in real-time will be crucial to your threat defense. Attackers are leveraging the dark corners of your environment to maintain their hold on your network. Organizations need machine learning power such as advanced managed detection and response (MDR) capabilities to ensure attackers do not remain in their network undetected. 
  • Human-based intelligence is key to any great security program. Your personnel help protect your network in two main ways: proactive threat hunting and reactive patching in response to global activities. This is not an easy task, which is why many people outsource their advanced vulnerability management capabilities to external MSSP’s like Difenda.  
  • Your business’s threat response is the most important aspect of your security program. What are your organization’s capabilities when an attack occurs? Do you have an Incidence response plan? Who is involved? Regardless of what your plan looks like, it needs to include the entire organization and leverage all the tools you have at your disposal. Being prepared and having the ability to respond quickly is the best way to mitigate any threats to your network.

How can you maximize your Microsoft Security investment?  

Many businesses are unaware of what Microsoft products and services exist, which ones they are already invested in and which can help reach their business goals. In order to maximize on your Microsoft Security program, you need to understand your current controls, where you have gaps and what tools your license provides. Difenda has created many helpful resources to assist in your Microsoft Security program’s success:

Wrapping up 

Miller and Hari offered a lot of valuable information during the webinar for organizations interested in maximizing their Microsoft Security investment. From integrating your IT and OT environments to the need for external support, they made it clear that as organizations need to be doing more with less; consolidation is the key to successful security programs in the public sector. 

Watch the webinar

Our Partners

Penetration Testing Whitepaper

Threat Intelligence

Subscribe to receive insider threat intelligence from Difenda’s front line security analysts in our 24/7/365 SOC.

Ken Perkins

Biography coming soon.

Megan Miller

Megan Miller’s energy and passion for learning flow into all aspects of her work. As the Growth Manager, North America, she brings a background in sciences which she has transitioned to the tech sector in her role at Difenda.

With a Bachelors of Science in Geology, Megan is a lifelong learner who is voracious about learning anything she can get her hands on about cybersecurity. Her positive energy has built a sales strategy with a focus on expanding in the United States while nurturing the Canadian presence. She is responsible for recruiting and training the sales team. Together with the company’s leadership, she creates the sales process and the company’s product strategy in order to better serve the customer base. This ensures that our customers have a highly trained and highly motivated team to help them every step of the way, Megan has completed Microsoft SC-900 training and working towards mastering Microsoft.

Whether at work or play, Megan is fully committed. She took her love of hockey all the way to the semi-professional level as a competitive hockey player. Megan loves all things sports including water skiing, scuba diving, cycling, and snowboarding. She also enjoys time with family and reading about alternative energy, innovation, and cybersecurity.

Natasha Phanor

As the Microsoft Partner Manager at Difenda, Natasha Phanor is responsible for driving growth within our Microsoft Partnership. With six years in the industry, she offers a fresh, energetic approach, and the ability to focus on our customer’s needs throughout the entire process. Natasha has the innate ability to foresee customer needs and solve problems before they arise, which creates a smooth road for each customer she encounters.

As the recipient of the Outstanding Services Partner of the Year Award in 2018, it is clear that Natasha responds quickly to customer needs, creates a platform for understanding a customer’s business requirements, and walks them through the process to ensure their complete satisfaction.

In her spare time, Natasha is as energetic and passionate as she is on the job. A self-proclaimed foodie-extraordinaire, she enjoys dinner parties, traveling, downhill skiing, hiking, biking, and reading. Natasha has a Bachelor of Fine Arts, specializing in Dance, from Ryerson University.

Lisa Templeton

Lisa Templeton is the perfect combination of human empathy and technological prowess. In her role as People Services Manager, she takes care of our team members to support them in their daily work, as well as on their personal life paths. Happy employees make for happy customers, and Lisa excels in giving our employees the tools they need for success in order to become the best possible versions of themselves. Along with employee formation, she shines in the service delivery support domain to continuously improve the process. Her 24 years of experience in IT Operations and Service Management help her create quality and efficiency at Difenda.

Having attended the Information Systems Management certificate program at Ryerson University, and with various other certifications to her credit, Lisa is perceptive and innovative when it comes to information technology, but also sensitive to the needs of her human constituents. Responsible for achieving the first privately owned company HDI Support Center certification in Canada, she has also designed and implemented Service Management excellence programs and 24×7 IT Operations departments for multiple IT organizations, and has created corporate rewards and recognition programs to keep her employees engaged and motivated.

On the personal side, Lisa passionately supports the cause of breast cancer research, having lost her mother to the disease. She reads voraciously in her spare time, and enjoys the art of home renovation. The summer months also bring time on her boat and exploring new hiking trails.

Miranda McCurdy

Miranda McCurdy uses her myriad super powers in all aspects of her job and personal life. As the Marketing Director at Difenda, Miranda McCurdy brings over a decade of experience to the table, which includes expertise in all facets of operations, brand management, and content marketing, as well as a multitude of successful strategies for the ever-expanding digital world. She is an expert at simplifying the message the company is trying to send, filling in gaps in the information, and strengthening the content in order to create compelling narratives that strengthen the brand and developing programs that bring teams together.

With several Addy Awards issued by the American Advertising Federation Cleveland to her credit, and her never say die attitude, Miranda understands both the broader picture and the minute details that are needed to successfully market a product. With her abilities to harness both the talent needed to spread the message, as well as to create the message itself, she is an integral cog in the company’s ability to communicate with customers and other stakeholders.

When she is not building a brand, she shares her ability to fill the gaps in her community by volunteering with Habitat for Humanity, the Special Olympics, and the Charleston Food Bank. In her spare time, Miranda spends time with her family, enjoys fitness and health, paddle boarding, reading, and arts and crafts.

Juliana Zaremba

Connections are the name of the game for Juliana Zaremba. As Strategic Partnerships Director, she is responsible for Difenda’s channel partnerships and the development and ownership of the channel partner program. She is also responsible for the global Microsoft Partnership, including the creation of strategic plans with MSFT contacts that will facilitate the continued growth of the business and establish certification and training protocols in all security technologies. Her role is multifaceted, as she acquires partners, manages relationships with them, and develops strategies that will provide cutting edge security solutions to our customer base. Another integral aspect of her job is to facilitate growth.

With a Bachelor’s in Math from the University of Waterloo and 14 years of experience from her previous roles at Herjavec Group and CDW, her cutting edge focus and ability to develop long-lasting relationships and strategies provides world class security solutions to our customer base.

Juliana thrives on connections outside of work as well. She is a philanthropist and contributor with Women4Change based in Hamilton. This group of local women is passionate about supporting local causes, and she focuses her efforts around Women in STEM. She is also a member of Club Italia in Niagara Falls and supports their youth events throughout the year.

When not managing the Microsoft Global partnership, Juliana enjoys reading, often reading several books at once. Juliana enjoys exploring the Niagara Escarpment with her family, as well as sharing meals and experiences with her extended family. Juliana’s competitive nature has her always trying new things, like Whoop band challenges and Peloton.

Jeffry Jacob

Biography Coming Soon