Authored by: Teck Wee Lim, Regional Director, ASEAN, CyberArk
After significant public sector data breaches in 2018 and 2019, Singapore's Prime Minister Lee Hsien Loong convened a committee to review the government’s information security policies and practices to identify ways that data security practices could be strengthened to prevent future attacks. When the Public Sector Data Security Review Committee completed its review of data security policies and practices late last year, it revealed that:
Agencies, particularly smaller agencies, could be better supported in implementing policies, such as Instruction Manual 8 (IM8) and the Public Sector (Governance) Act (PSGA), as intended;
Officers’ roles and responsibilities in data security could be more clearly articulated;
The government should adopt best practices in technical, process and organisational measures to bolster data security practices, and ensure consistently high levels of data security across the public sector;
The government’s high standards of data protection need to extend to vendors and other non-government entities that handle public sector data while providing services;
Management of data-related incidents could be tightened, including standardising processes for the public to report and be notified of incidents and formalising review processes to learn from incidents.
One of the key outcomes of this committee was that new technical measures, or digital solutions and IT tools, were announced to improve data security practices and standardise how public agencies such as the Ministry of Defence (MINDEF), Ministry of Finance and Ministry of Health (MOH) among others protect citizens’ data. Adoption of automatic Identity and Access Management (IAM) tools was listed as one of these measures.
Managing Access to Information Stops Hackers in Their Tracks
Government entities hold significant volumes of personally identifiable information that requires stringent protection. Attackers are always a step ahead of defences looking for ways to circumvent defences and infiltrate company systems to access valuable data.
This is where Privileged Access Management (PAM) can be highly useful. PAM tools proactively audit the access and administrative privileges associated with both human and machine user accounts. PAM can also restrict access to key controls and data, restricting access only to everyone except the users who need it. In the event of a network breach, government agencies can quickly identify and isolate infected areas automatically, ensuring that access to vital information and assets located in other parts of the network remain safe, secure, and uninterrupted. Compromised credentials play a central role in most targeted attack, so proactively managing these credentials, and the privileges associated with them, are essential when it comes to protecting public sector systems against cyberattacks.
Let us look at this in the context of a typical attack. Say the target information is held deep within the network. An attacker will likely start by establishing a route into the network via an endpoint (i.e. an end user's device). After gaining initial access and establishing persistence, the attacker will look to escalate the privileges associated with the user’s account to gain access to other systems and move closer to their target. From there, the attacker can continue to move laterally within the network until the target is reached, data is stolen, and operations are disrupted – or completely taken over. PAM helps prevent this from occurring by providing security on a user level, where it is needed most.
In the face of increasing cyberattacks, public sector agencies need to establish a proactive cybersecurity programme more than ever. PAM is an important tool to keep critical data protected. With this technology in place, the public agencies that we rely on, and entrust our personal information, stand the best possible chance of protecting valuable personal information.