Thursday, January 16, 2025
No menu items!

Unlocking Cybersecurity: Veeam’s Ian Engelbrecht on Public Sector Cyber Defense

Must Read

In today’s rapidly evolving cybersecurity landscape, the public sector faces unique challenges in safeguarding its infrastructure and data. Unlike private organizations, the public sector’s responsibilities extend beyond financial impacts, with disruptions potentially affecting essential services crucial to citizens’ daily lives.

Furthermore, public sector infrastructure often underpins vital services for private sector operations, emphasizing the interconnectedness of these sectors. Thus, ensuring robust cybersecurity measures is paramount.


In this exclusive interview, Ian Engelbrecht, System Engineering Manager at Veeam Software, discusses how Veeam improves the cybersecurity posture of public sector organizations.

Discover how Veeam leverages the advanced capabilities to provide tailored ransomware protection and recovery solutions for hybrid cloud environments.

 

How does Veeam perceive the current state of cybersecurity within the public sector?

A: The Public sector is no different compared to any other organization when it comes to securing one’s infrastructure and data, however, in some cases the stakes are higher because a private organization’s revenue is typically impacted. Public sector services are sometimes affected in a way that creates ripple effects on human lives, for example and disruption of basic services like water and electricity supply.

Further public sector infrastructure is also in consequence needed for the private sector to run their businesses. That’s why infrastructure outages through public sector attacks have in conclusion a direct impact on the private sector as well, i.e., transportation services through rail, road, air, and sea.

What unique challenges does the public sector face in terms of data protection and security?

A: In comparison to private procurement processes, public sector procurement can be lengthier and, depending on the data protection needs, there are different budgets available to be spent on the implementation of cyber secure programs.

Some public entities hold data that is crucial to national security. These entities need a more stringent approach as the leak of classified information can become a security issue at country level.

Important to understand is that a lot of global cloud services are out of reach for some public entities due to local data legislation and data sovereignty policies. The risk of public entity data leakage is prohibiting public organizations to use cloud services outside the country or that don’t have committed to the POPI act.

Could you highlight some of the common cybersecurity threats that public sector organizations encounter?

A: Generally speaking, we are observing common risk factors like social engineering campaigns or the infiltration of infrastructures through gateways like unpatched software. In these instances, cybercriminals can hide for a long time undetected while preparing their attack from within, which then can be launched strategically at the worst point in time for the organization.

Speaking of cyber criminality, Hacktivists are individuals or smaller groups that are against the state or government that would likely target public entities to disrupt the public supply chain in the hopes of bringing reputational damage or leaking sensitive government documents.

Another common threat to the public sector is the targeting of figures or individuals through social media misinformation campaigns with the use of deep fakes. This is generally used for reputational damage and other gains.

This means that as an organization within the public sector that is tied to governmental institutions, it is necessary to implement a rock-solid IT security strategy that entails a strong first line of defense and an ultra cyber resilient last line of defense, namely reliable and fast backup and recovery as well as an incident response plan.

In what ways does Veeam support public sector organizations in enhancing their cybersecurity posture?

A: Veeam helps strengthening the cyber resilience of customers through ransomware protection and recovery capabilities through the Veeam Data Platform, a single platform that provides data security, data recovery and data freedom for hybrid cloud infrastructure including Cloud, Virtual, Physical, SaaS and Kubernetes environments.

To support the public sector, Veeam has extended itself into the public organizations security operations center (SOC). At the core, it is about ensuring the data is protected and secure, followed by inline malware detection when processing customers data to various machine learning models. Veeam is in large part supporting the organization’s incident response plan by providing clean and secure data back fast into the organization’s system. This happens through orchestration and automation that have proven to speed up the recovery process significantly.

How does Veeam ensure compliance with regulatory requirements specific to the public sector?

A: Veeam meets the stringent requirements of public sector organizations globally. Additional certifications include Independent Verification & Validation, ISO, SOC, and other security accolades. The full list is available at https://www.veeam.com/solutions/industry/government.html

Can you discuss any recent trends or developments in cybersecurity that are particularly relevant to the public sector?

A: Cyber trends in the public sector are volatile and evolving fast due to foreign relations and the regional political landscape. Some important threats that should be taken very seriously include insider threats, ransomware, and phishing attacks.

The public sector is very much influenced by local politics and at times of pressure or spotlight, data, service availability and reputation are most important.

How does Veeam address the balance between data protection and accessibility for public sector clients?

A: Veeam focuses on keeping the organisation up and running, ensuring that the critical data is secure and yet available, but only to a specific group of stakeholders defined. Here, we see that more and more organizations are considering a Zero-Trust Data Resilience approach.

Moreover, we prioritize ease-of-use and accessibility to maintain productivity without compromising data integrity and security. This is achieved through a multi-layered security approach like 4 eyes authentication, Multi-Factor-Authentication (MFA) and Role-based access control.

What role does data backup and recovery play in Veeam’s approach to securing public sector data?

A: Data backup and recovery are the foundation of any data security strategy, the best line of defense, if set up properly according to the organisation requirements. In other words: Clean and tested backup is also the last line of defense in case all else fails. It ensures an organisation can get their operations back through a secure, copy of data and systems.

Here, I need to point out that recovery is an essential part of the incident response plan. It provides flexibility and freedom to return data to whichever platform is available at that point in time. This should also be done as quick as possible to ensure the lowest possible Recovery Time Objective (RTO) which reduces the overall impact to operations.

How does Veeam assist public sector organizations in mitigating the risks associated with ransomware attacks?

A: Veeam offers a multi-layered approach to cyber resilience and data security. At the very core, it requires a backup cadence that is frequent, without errors and regularly tested. This means that in the event of a complete outage, to ensure to have a secondary copy that cannot be affected.

The traditional “3-2-1 backup rule” recommends 3 copies of data, using at least 2 media types, with 1 copy being off-site. For most Veeam deployments, your production data is [Copy 1, media type=disk], the backup data on the local repository is [Copy 2, media type=disk] and a third for disaster recovery off-site [Copy 3, media type= disk, cloud, or tape].

Most organizations have adopted this practice and expanded beyond the 3-2-1 Rule into 3-2-1-1-0 Rule to incorporate immutability and testing as well due to mandates and the risk of cyber threats. The added 1-0 to the rule suggests that 1 copy be “offline” (inaccessible via air-gap or immutable) and 0 errors (tested and validated). This helps to ensure the highest level of data recoverability from any type of disaster. Since Veeam is monitoring the data frequently, Veeam can apply machine learning algorithms to scan data inline to detect anomalies that often indicate active infection or detect indicators of compromise.

Moreover, through advanced threat intelligence like scanning all data sets stored over time, we determine timelines of infection or compromise and can find a clean suitable copy that can be safely reintroduced into production. This way security teams will aver visibility into the data security status.

Looking ahead, what do you see as the future of cybersecurity in the public sector, and how is Veeam preparing to address upcoming challenges?

A: Artificial Intelligence (AI) is leveraged more and more by threat actors to sophisticate their tactics and strategies of attack. At this stage and to counteract this development, we reach the reality of AI being utilized to defend against an AI attack.

As trends and the IT landscape continue to evolve, Veeam keeps focusing on innovations and cyber security alliances, like with Sophos, to stay ahead of the curve.

- Advertisement -

Google & Mercedes-Benz Transform In-Car Navigation with AI

Google and Mercedes-Benz have announced a pioneering partnership to expand the MBUX Virtual Assistant with AI-powered conversational search capabilities. Built...
Latest News
- Advertisement -

More Articles Like This

- Advertisement -