Cybersecurity considerations 2024: Government and public sector

For government and public sector organizations, the game of digital defense takes on a whole new level of intensity.

In every industry, cybersecurity stands as a paramount concern for leaders. Yet, for government and public sector organizations, the game of digital defense takes on a whole new level of intensity. The reason? The sheer volume and sensitivity of the data they manage, which can amplify the potential fallout from any breach. These agencies are the custodians of a vast array of personal and critical data, spanning from citizen welfare to public safety and national security. A misstep in cybersecurity could spell disaster, jeopardizing not just data, but the very health, safety and security of the citizens they serve.

While both public and private sectors face cybersecurity challenges, the public sector tends to be more exposed in this ever-evolving threat landscape. Public sector entities typically have complex information technology (IT) infrastructures comprising diverse systems and legacy technologies, some of which may have been initially set up decades ago. Research from KPMG’s Global Tech report 2023: Government and public sector insights reveals that a risk-averse internal culture is one of the sector’s top digital transformation challenges: 69 percent of government respondents say that a lack of understanding or trust of new technologies makes them less confident about investing. Despite a recent push to transition these systems to modern, secure regimes, adversaries have many vulnerabilities to exploit, especially at weak links. With growing geopolitical tensions, nation-states are more likely to take advantage of this opportunity, leveraging emerging technology (such as artificial intelligence (AI) and deepfakes) along with targeted misinformation to cause maximum disruption.

With the range of challenges, proactive behaviors to plug gaps and the right cultural mindset in organizations will be key. At the same time, the growing use of modern digital tools and emerging technologies also presents an opportunity to build security and resilience in from the outset, thereby reinforcing confidence and trust in public institutions, something that is irreplaceable. There is also an opportunity to facilitate greater engagement and convenience for the public while improving security. Based on insights from the same report, most government and public sector respondents believe that their tech is already playing an instrumental role in building resilience (90 percent) and meeting increasingly demanding regulations (87 percent).

This article delves into the pivotal cybersecurity considerations for the government and public sector. It offers valuable perspectives on critical focus areas and provides actionable strategies for leaders and their security teams to fortify resilience, drive innovation, and uphold trust in an ever-changing environment. 

Consideration 1: Supercharge security through automation

For the public sector, enhanced security through automation is less a choice and more an imperative for multiple reasons. Firstly, the public sector is not immune to the global skills shortage in cybersecurity. It often has to compete with the private sector to retain talent with the required knowledge and expertise. The public sector tends to lose talent to the private sector, creating a vacuum of knowledge and expertise.

Secondly, in many countries, the public sector is constantly under pressure for being too big. By investing in security automation, public sector organizations can help improve operational efficiency, reduce manual errors and optimize resource utilization, ultimately enhancing overall productivity and effectiveness. Automated processes play a key role in helping to ensure ongoing compliance, as they can be updated to reflect new regulations more swiftly and consistently than manual processes.

Lastly, public sector organizations are increasingly expanding their digital presence and adopting new technologies. This can bring enhanced efficiency but also greater complexity. As agencies scale their security operations more effectively, they should be able to adapt to evolving threats and technologies without significantly increasing costs.

With the growing range of threats, prioritizing what cybersecurity teams should focus on is key. Chief Information Security Officers (CISOs) should filter the noise to allocate resources to the most vulnerable areas. Cybersecurity leaders can start by defining the vision and strategy for automation in the context of larger organizational goals. The next steps would be to determine execution through build versus buy decisions and ensure skills for continuous implementation.

Consideration 2: Identity is owned by individuals, not institutions

Many organizations continue to rely on manual or paper/plastic identity to process transactions, which can be inconvenient, inefficient and full of security risks. When implemented correctly, digital identity can help alleviate these concerns, providing users with a secure and privacy-respecting experience that enables them to conduct online transactions anywhere at any time. This not only helps save time and effort for the system users but also streamlines the process for the institution.

Individual ownership of identity lies at the heart of protecting sensitive information, ensuring secure access to critical services and upholding the rights and trust of account holders. Digital identity ecosystems rely on authoritative identity data to provide individuals with rights and entitlements, from healthcare and social services to education and voting.

Many organizations remain in the early stages of adapting their systems and processes to keep individual identity front and center. Integrating digital identity into broader cybersecurity and resilience strategies is not just a technological imperative, but a crucial step toward more inclusive, efficient and secure government and public services. 

Some government bodies are already leading the way on identity management by rolling out official personal digital wallets and defining minimum requirements for identity service providers. One of the keys is to maintain a flexible approach that accommodates emerging technologies and new regulations.

Consideration 3: Cybersecurity and resilience aren't mutually exclusive

Cyberattacks and security incidents can disrupt critical government and public services, leading to significant economic, social and political consequences. As government agencies collect, store and manage vast amounts of sensitive information, including citizen records, financial data and national security intelligence, cybersecurity is integral to public safety and national security.

Clearly, there are inherent risks that come with today’s digitally connected landscape. Organizations should acknowledge that many cyber incidents are inevitable and simply cannot be prevented. As such, commensurate investment across the lifecycle (i.e. prevention, detection, response and recovery) is required to help ensure true resilience in the event of a breach, so the organization can quickly contain and minimize operational disruption.

Among government and public sector agencies, the integration of cybersecurity and resilience into organizational strategy remains a work in progress, with varying degrees of preparedness across different entities. This is largely because the sector’s approach to cybersecurity tends to be more reactive than proactive, often focusing on immediate threat mitigation rather than long-term resilience planning. This is further compounded by resource constraints. With adequate resilience, government agencies can help minimize disruption and ensure operational continuity.

For resilience, leaders are encouraged to develop a roadmap for how organizations can or should respond in the event of an attack next week, next month or next year. With periodic reviews, plans and frameworks can remain aligned with the evolving threat landscape.

Real-world cybersecurity in the government and public sector

Following significant cyberattacks like WannaCry, government and public organizations have focused on strengthening both their cybersecurity defenses and resilience. This includes investing in advanced threat detection systems, conducting regular staff training, and having robust backup and recovery processes to ensure various processes and services can continue during cyber incidents and recover quickly afterward.

Ransomware and other malicious attacks have significantly impacted companies in the government and public sector. These incidents targeted vulnerabilities in many computer operating systems and spread rapidly across networks, infecting hundreds of thousands of computers worldwide.

In the infrastructure sector, which includes critical systems such as power grids, water treatment plants and transportation networks, ransomware attacks like WannaCry highlighted the vulnerabilities of many legacy IT systems and the potential for widespread disruption.

WannaCry also significantly impacted government organizations. The attack demonstrated that governments are not immune to cyber threats and that improper security measures can have severe consequences.

In response to the WannaCry scenario, considerable focus has been placed on strengthening cybersecurity and ensuring these critical sectors are properly protected. As a result, government and public sector entities are working to enhance cybersecurity capabilities, increase budget allocations, strengthen network defenses, improve employee training and implement incident response plans. Compliance requirements and industry standards are also being enhanced to ensure data privacy and security.

Top priorities for government and public sector security professionals

In an era where digital threats are evolving at an unprecedented pace, the role of government and public sector security professionals has never been more critical. As custodians of citizens' trust, these professionals are tasked with the monumental responsibility of safeguarding the digital landscape. This involves not just reacting to cyber threats, but proactively strategizing to stay one step ahead. The following points outline the top priorities for these professionals in their quest to fortify resilience, ignite innovation, and ensure the security of the digital realm.

  • Strengthening cyber governance and risk management with appropriate frameworks and policies.
  • Proactively planning for cyber incidents with meticulous documentation, regular training exercises and continuous evaluation.
  • Using regulatory mandates as a catalyst for continuous improvement in cybersecurity practices.
  • Actively seeking and integrating innovative technologies to stay ahead of the curve.

How this connects to what KPMG professionals do

In addition to assessing your cybersecurity program and helping to ensure it aligns with your business priorities, KPMG professionals can help government and public sector clients develop advanced digital solutions, advise on the implementation and monitoring of ongoing risks, and help design appropriate responses to cyber incidents. With the well-being and safety of citizens potentially at stake, leaders should act now to integrate operational resilience and security into core business functions. Proactive behaviors, the right cultural mindset and the safe adoption of digital tools are key in helping to ensure public safety and national security.

KPMG professionals are adept at applying advanced thinking to clients’ most pressing cybersecurity needs and developing custom strategies that are fit for purpose. With technology that is secure and trusted, KPMG professionals offer a broad array of digital solutions, including cyber cloud assessments, privacy automation, third-party security optimization, AI security, and managed detection and response.

Our people

Ronald Heil

Global Cyber Security Leader for Energy and Natural Resources and Partner

KPMG International

