Intelligent CISO Issue 55 | Page 44

industry unlocked


The government is firmly positioned under the spotlight when it comes to its use of data and is expected to set an example for managing data effectively and securely . Erfan Shadabi , Cybersecurity Expert at comforte AG , discusses why data-centric security is the way forward and ultimately the key for unlocking cloud-based data analytics – a key business advantage .
he importance of data

T today is unmatched . For governmental organisations , data can help create more efficient and effective policies . From data collected , a government can better understand the demographic , societal behaviours , crimes , religious beliefs , financial incomes , medical issues ( and much more ) of a population . From health and work & pensions to education and the treasury , the various governmental departments are libraries of sensitive data . The information stored is continuously being analysed , updated and shared to help departments make informed decisions that essentially help to improve the country .

Therefore , governmental organisations have an even greater obligation – compared to most – to manage data responsibly and securely , especially when it comes to personal information .
Industry-wide , as well as governmentwide , business practices are being transformed by technological advancements with an ever-increasing amount of data digitalisation and data generation within government . As a result , governmental organisations are tapping into the power of data analytics to improve public services and governance as well as their own services . But to manage the resulting security and compliance risks without impeding overall impact , governmental organisations should consider a more focused approach to cybersecurity . That means protecting the asset that matters most : the data itself .
The issues faced
Sensitive information and data have always been in the crosshairs of
Erfan Shadabi , Cybersecurity Expert at comforte AG threat actors and are commonly stolen through ransomware attacks . This is then sold across underground markets like the Dark Web . Such incidents happen often , and just recently , NATO documents were stolen from a Portuguese government agency responsible for the control , planning and operations of the armed forces of Portugal . According to the most recent IBM Cost of a Data Breach report , each public sector incident costs US $ 2.07 million on average while over US $ 1 billion in monetary penalties were issued under the GDPR last year , seven times more than in 2020 .
When it comes to sharing or analysing data , there are often lengthy bureaucratic processes in place which are layered with data protection and privacy restrictions – and for good reason . The worst possible outcome , should a governmental organisation be breached , is to have this information stolen , leaked or sold to the highest bidder which in itself will lead to more devastating outcomes .
Naturally , governmental institutions are expected to set the standard and demonstrate what is expected for data privacy and protection and so sharing or
44 www . intelligentciso . com