State and Local Government Cybersecurity

State and local governments maintain thousands of miles of water mains, sewage systems, roadways, public transportation lines, and other critical infrastructure—many of which are controlled and monitored with Internet-of-Things (IoT) devices. These connected sensors and cameras geographically extend a government’s IT infrastructure—and its attack surface. Like other critical infrastructure, these systems can be the target of cyber criminals and nation-state actors whose goal is operational disruption, economic losses for the community, or even loss of life.

Such infrastructure can also be subject to coordinated cyber/physical attacks. As a result, protecting it involves an integrated approach to both cyber and physical security. Such integration will become increasingly important as emerging facial recognition and weapons detection technology come online. Adding voice communications to the integrated architecture improves operational efficiency and enhances security.

The Fortinet Security Fabric enables state and local governments to integrate cybersecurity, physical security, wireless networking, and voice communications infrastructures for comprehensive protection. Cameras, recorders, IP phones, voice systems, and wireless networking are all a part of the Fortinet Security Fabric. Analytics tools can provide reporting and analysis on this entire infrastructure, supplemented by presence analytics technology to identify where Wi-Fi users accessed the network. And network access control monitors and verifies all these devices to protect the network.

Even smaller local governments have multiple locations from which different kinds of services are delivered, and larger ones have hundreds or thousands of assorted facilities. Providing connections between these branches and the main IT infrastructure has historically required expensive multiprotocol label switching (MPLS) infrastructure that was difficult to scale according to fluctuations in traffic, and the increasing use of cloud-based services often results in latency.

In response to these problems, software-defined wide-area networks (SD-WAN) technology has moved into the mainstream in the past few years. SD-WAN enables network traffic to travel on the public internet. To keep such a network secure, the SD-WAN technology should ideally be integrated with the cybersecurity infrastructure—and with the networking infrastructure at the remote location.

FortiGate next-generation firewalls (NGFWs) include highly secure SD-WAN technology, allowing network traffic to travel not only on the public internet but also over a virtual WAN (vWAN) within select public clouds. At the remote location, Fortinet SD-Branch solutions extend the Fortinet Security Fabric to the access layer at each branch. This enables secure networking at branches—regardless of their size—and consistent security coverage from the internet, to the wireless network, to the switching infrastructure. 

State and local governments are under constant threat from attacks that are increasing in volume, velocity, and sophistication. The days when threat response could be done manually during business hours are gone. State and local governments need access to robust, real-time threat intelligence with automated response policies to combat unknown, including zero-day threats, and targeted attacks.

The professionals at FortiGuard Labs collect threat intelligence from a large global network of sensors, and have maintained an artificial intelligence (AI)-powered self-evolving detection system (SEDS) for nearly eight years. For all these years, the SEDS has refined its algorithms using machine learning (ML), resulting in extremely accurate, real-time identification of unknown threats across the entire Security Fabric. Sandbox analysis and browser isolation tools provide additional layers of protection. And the Fortinet Advanced Malware Protection service provides broad protection against malware-based attacks.

State government networks host extremely sensitive data, and that data is increasingly distributed across public and hybrid cloud environments. Many entities also host myriad Internet-of-Things (IoT) devices at a vast number of locations and have dozens of citizen-centric applications. As entities adopt more and more services across this distributed architecture, the default is to use the built-in cybersecurity tools offered by each public cloud provider. However, these solutions do not communicate with each other. The result is multiple silos in the security architecture, necessitating a lot of manual work on the part of busy cybersecurity team members in reporting and threat response.

As state and local government networks get more complex and the threat landscape becomes more advanced, it is increasingly important to simplify the security architecture by achieving integration and consistent policy management across the infrastructure.

Fortinet Adaptive Cloud Security solutions, part of the Fortinet Security Fabric, deliver this integration by providing a single-pane-of-glass view of the entire cloud infrastructure. They feature native integration with all major public cloud providers, broad protection to cover all elements of the attack surface, and management and automation features that enable consistent, timely threat detection and response through automation.