Business & Technology

Securing the Modernization of IT for State and Local Governments

By Jonathan Nguyen-Duy | June 08, 2018

State and local governments face cyber threats that are growing in both frequency and complexity. With recent high profile attacks against state agencies and even entire municipalities, it’s clear that cybercriminals see them as lucrative targets. Networks in this sector often hold highly-valuable data on individuals, financial transactions, and critical infrastructure. This data-rich environment makes them the target of a variety of threats like ransomware, phishing, botnets, and DDoS, which aim to halt, extort, or disrupt government networks.

As state and local government IT personnel work toward guarding against these attacks, they’re also focusing on meeting the demands of digital transformation (DX) initiatives to drive efficiency, extend services, and reduce cost for citizens and government institutions. In this effort, IT personnel are hindered by outdated, legacy IT systems, information silos across networks, limited resources, and dwindling manpower.

Cybersecurity Difficulties Facing State and Local Government Today

Cyber threats are growing in volume, complexity, and velocity in the state and local government sector. With new introductions to networks like multi-cloud storage, IoT devices, SaaS adoption, and mobile devices to facilitate digital transformation, the threat landscape is expanding. As more and more cyber threats emerge, so are the number of new point products coming to the market. This puts IT personnel in a bind. With each singular solution added, the complexity of managing cybersecurity efforts and the strain put on personnel grows proportionately.

An additional issue facing state and local governments is siloed nature of the technology across numerous inter-connected networks. These siloed networks, make it very difficult for IT teams to detect and mitigate threats.

In an effort to better secure personal and financial information of citizens, state and federal agencies have introduced a variety of regulations. Since December 2017, any government entity holding unclassified information on U.S. citizens has to comply with the National Institute of Standards and Technology (NIST) Special Publication 800-171 regulation, which defines the requirement for protecting controlled unclassified information (CUI). In addition to this measure, nonfederal government entities also have to comply with a variety of personal information, data disposal, and security breach regulations.

Given the complexity of today’s hyper-connected, highly distributed networks, managing and securing them requires ever more time and effort.  In addition, managing non-integrated legacy systems is a daily challenge.

This is only compounded by limited budgets and huge challenges in finding and retaining highly sought-after cyber talent.

Modernization of State and Local Government IT

In order to effectively modernize state and local government IT, there needs to be a joint focus on alignment of mission goals, risk management strategy and security controls and technology. With IT modernization ranking among the top 5 priorities of state and local government CIOs in 2017, the need for the latest technology is universal.  Lawmakers are also recognizing this shift in priority. The State and Local Cyber Protection Act, introduced in May 2017, aims to assist state and local governments by extending the services of their National Cybersecurity and Communications Integration Center (NCCIC) to state and local governments.                    

For state and local governments looking to modernize their IT systems without compromising their cybersecurity in the process, solutions must deliver new agility and productivity gains along with security improvements while supporting the transition of multiple legacy technologies.  Without automated deep visibility and control, existing siloed technology stacks and manual processes will stymie efforts to  free up bandwidth for existing IT personnel, letting them focus attention on high-priority tasks.

Securing IT Modernization for State and Local Government

Fortinet has launched a variety of new solutions to help usher in the next generation of cybersecurity. As state and local governments modernize their existing IT, these Fortinet solutions can deliver robust security that adapts with each new solution – ensuring effective implementations and properly aligned risk management strategies.

FortiOS 6.0

Our latest update to the Fortinet network security operating system. Expanding on our Security Fabric, FortiOS 6.0 enables transparent visibility and control across the attack surface, analytics, and risk management, while also delivering automated visibility across multi-cloud environments, IoT and endpoints, web applications, and email. The FortiOS system allows state and local governments to move away from legacy security solutions, helping IT personnel adopt a holistic approach to cybersecurity.

FortiGuard AI

FortiGuard AI automates threat intelligence gathering and analysis in real time using machine learning. Collecting intelligence across more than three million sensors deployed worldwide, FortiGuard AI distributes that data to each deployed solution throughout the security fabric. This streamlines intrusion and breach detection and accelerates mitigation while freeing up IT teams who would otherwise have to manually review and organize the data of individual detections. Manual detection, correlation and mitigation is no longer effective given the accelerated pace of complex attacks.

Final Thoughts

As state and local governments continue to modernize their IT systems to help meet the demand for digital transformation initiatives, broad visibility, integrated threat detection, and automated operations are crucial to facilitating smooth digital transformation while maintaining effective cybersecurity. These next-generation tools from Fortinet assure secured IT modernization across state and local government entities.

Learn more about how state and local governments rely on Fortinet to help deliver critical services to citizens, align security priorities to business needs, and foster a forward-thinking cybersecurity posture.

FortiGate firewalls helps Salt Lake County Tackle unanticipated challenges

Centralized and secure voice for Alamance County