Digital transformation in Government
As part of the UK government’s policy to implement a “digital by default” strategy, public sector organizations are starting to actively migrate workloads to the cloud. As part of this digital change these organizations are being urged to consider the security of these workloads. The National Cyber Security Centre (NCSC) created the “Cloud Security Principles”, a list of 14 essential security principles to consider when evaluating cloud services.
Recent content from the NCSC suggests that cyber attacks are becoming more frequent, sophisticated and damaging when they succeed – the recent WannaCry ransomware attack impacted more than 100,000 organizations across 150 countries. The government must therefore ensure that they act in a way that is secure, restrains cyber criminals and underpins the politicians’ commitment to data protection and citizens’ privacy.
The amount of recent cyber attacks and data breaches also demonstrates the vulnerability of businesses and underpins the requirement to further invest in cybersecurity. techUK launched a manifesto to list recommendations for government actions in the following five areas:
- Making Brexit work for the tech industry
- Economic growth
- Building a smarter state
- Skills and jobs
- Guaranteeing a safe and secure digital world
Guaranteeing a Safe and Secure Digital World
In this part of the manifesto, techUK calls on the future government to increase its national cybersecurity budget by 10 percent to ensure public security. A significant and bigger investment in cybersecurity would support the development of further cybersecurity tools and assist in making the UK a global leader in this important field. The threat landscape is always evolving and cyber attacks are a 21st century’s phenomenon that won’t disappear. But will cybersecurity become one of the new government’s priorities?
The Digital Marketplace and G-Cloud
As a platform to easily find technology or people for digital projects in the public sector, the government has created the Digital Marketplace. The platform enables public sector IT teams to easily and cost-effectively search and acquire services from pre-approved suppliers of cloud-based services, avoiding time-consuming and costly traditional procurement practices, whilst standardizing contracts, terms and conditions through the Digital Marketplace. One of the UK public sector frameworks on the platform is G-Cloud 9 – an agreement between the government and suppliers providing cloud-based services.
G-Cloud and Alert Logic
As of May 22 of this year, Alert Logic’s Cloud Security suite, Alert Logic Cloud Defender, the industry’s first fully managed cloud-native security and compliance solution has gone live on the G-Cloud 9 framework.
Alert Logic Cloud Defender combines managed security software and expert security services to assess, detect and block threats to web applications and cloud-based workloads, whilst also helping public sector and enterprise organizations comply with regulatory mandates such as PCI and preparing for the upcoming General Data Protection Regulation (GDPR) regulation coming into EU law in May 2018.
“Web applications attacks are the most prevalent source of data breaches, due in part by the large attack surface up and down the application infrastructure stack” commented David Howorth, Senior Vice President EMEA for Alert Logic. “Inclusion on G-Cloud helps us to provide public sector teams developing cloud applications with a multi-layer web application attack defense that combines fully managed security services, machine learning, threat intelligence and 24×7 security expertise to protect sensitive data and defend against the latest cyber attacks.”
To learn more about Alert Logic’s G-Cloud security service please get in touch or visit the G-Cloud Marketplace listing.