Cyber Security Management CC7178NI
Abstract
With the rise of technology and digital transition, e-government has been an important
medium for the government and its citizens to interact. It has been very helpful to both the
government and citizens in terms of reduced cost/time and other many things. Citizens have
been able to get served promptly. But along with its advantages, there are many serious
challenges and issues to sustain it. One of the critical challenges is cybersecurity and various
security threats associated with it. So, different security policies and practices should be
implemented timely to minimize such critical security issues.
While the security policies and practices are important, they need to be reviewed and updated
along with the emerging threats. Modern hackers or abusers are very smart that they can
attack in different forms so in this report we discuss some critical security policies and
practices needed to secure e-government systems. We’ll also discuss how to write and design
good security policy, standards and practices. We’ll also take some past incidents and case
studies related to e-government security and discuss how various entities have been able to
minimize security risks.
1
,Cyber Security Management CC7178NI
Introduction
a. General Introduction
Modern government has been gradually moving to e-government operations.
e-Government is the utilization of ICT assets to provide services to citizens. This has
made the government and its citizens closer. With the rise of e-governance operations,
citizens have been able to use various governmental services in a timely and
cost-effective manner. But along with its increasing usage, various cybersecurity
threats and attacks are also increasing. Any form of ICT transactions must be made
secure because it involves the exchange of confidential information between citizens
and the government. So it has been a serious thing to create good security policies,
procedures and practices and adapt them to minimize security risks involved in
e-governance operations.
Figure 1: E-governance security architecture (Joshi A, 2012, pp-254-257)
Security policies and practices are essential to protect Information and communication
technologies(ICT) assets of e-government. The assets include data, program,
hardware, network etc. With the increase in the use of electronic devices, software,
hardware and network infrastructures the increase of their threats and vulnerabilities
are also increased. This has led to an increase in the source of cyber threats too. The
motivation of an attacker is to steal information (especially confidential) for fun or
benefits like money etc.
So every government has taken initiatives to create an expert IT security team to
outline good security policies and practices for e-government operations including its
entities like government, citizens etc.
5
, Cyber Security Management CC7178NI
b. Problem Background
Not a single element of the digital world is free from cybersecurity risks, so there is
no chance of e-government being risk-free too. There are many issues faced in
e-government implementation and its ongoing operations. Cybersecurity attacks on
such implementations can range from small email scams to large scale network
attacks.
There can be various types of cybersecurity and policy issue :
1. Most of the e-government operations are performed online so exposing service
to the internet means exposing it to attackers.
2. The critical information of citizens is stored on database servers, which means
once the server is breached attackers gain access to that critical information.
This creates exposure to confidentiality.
3. DDoS attacks can be performed which makes citizens unable to use their
service, which creates a lack of availability.
4. Attackers can use fake IDs to authenticate on various services like e-Voting.
The above mentioned are very few to list issues. There are tons of such issues
happening every day in e-government all over the world. Some real examples of
security threats on e-government are :
1. 3.5 million users data breached the state of Texas.
2. Malware attack on the Ukrainian electricity network in 2016.
3. Governmental websites hack on Nepal.
4. Stuxnet attack on UK National Infrastructure(NI).
c. Current Scenario
Worldwide e-government systems have been facing various security threats. It has
affected the data and information of citizens and government bodies. In figure 3 we
can see how the loss from cybersecurity is increasing every year and only in 2020 it
was near 1 trillion dollars. This has impacted a lot on country’s as well as the global
economy. There is an urgent need to reduce risk and threats. Due to such a high risk of
citizens' data, e-government security is now being considered a critical part of
e-government implementation and maintenance.
Figure 2 shows top security threats occurring in e-government.
6
Abstract
With the rise of technology and digital transition, e-government has been an important
medium for the government and its citizens to interact. It has been very helpful to both the
government and citizens in terms of reduced cost/time and other many things. Citizens have
been able to get served promptly. But along with its advantages, there are many serious
challenges and issues to sustain it. One of the critical challenges is cybersecurity and various
security threats associated with it. So, different security policies and practices should be
implemented timely to minimize such critical security issues.
While the security policies and practices are important, they need to be reviewed and updated
along with the emerging threats. Modern hackers or abusers are very smart that they can
attack in different forms so in this report we discuss some critical security policies and
practices needed to secure e-government systems. We’ll also discuss how to write and design
good security policy, standards and practices. We’ll also take some past incidents and case
studies related to e-government security and discuss how various entities have been able to
minimize security risks.
1
,Cyber Security Management CC7178NI
Introduction
a. General Introduction
Modern government has been gradually moving to e-government operations.
e-Government is the utilization of ICT assets to provide services to citizens. This has
made the government and its citizens closer. With the rise of e-governance operations,
citizens have been able to use various governmental services in a timely and
cost-effective manner. But along with its increasing usage, various cybersecurity
threats and attacks are also increasing. Any form of ICT transactions must be made
secure because it involves the exchange of confidential information between citizens
and the government. So it has been a serious thing to create good security policies,
procedures and practices and adapt them to minimize security risks involved in
e-governance operations.
Figure 1: E-governance security architecture (Joshi A, 2012, pp-254-257)
Security policies and practices are essential to protect Information and communication
technologies(ICT) assets of e-government. The assets include data, program,
hardware, network etc. With the increase in the use of electronic devices, software,
hardware and network infrastructures the increase of their threats and vulnerabilities
are also increased. This has led to an increase in the source of cyber threats too. The
motivation of an attacker is to steal information (especially confidential) for fun or
benefits like money etc.
So every government has taken initiatives to create an expert IT security team to
outline good security policies and practices for e-government operations including its
entities like government, citizens etc.
5
, Cyber Security Management CC7178NI
b. Problem Background
Not a single element of the digital world is free from cybersecurity risks, so there is
no chance of e-government being risk-free too. There are many issues faced in
e-government implementation and its ongoing operations. Cybersecurity attacks on
such implementations can range from small email scams to large scale network
attacks.
There can be various types of cybersecurity and policy issue :
1. Most of the e-government operations are performed online so exposing service
to the internet means exposing it to attackers.
2. The critical information of citizens is stored on database servers, which means
once the server is breached attackers gain access to that critical information.
This creates exposure to confidentiality.
3. DDoS attacks can be performed which makes citizens unable to use their
service, which creates a lack of availability.
4. Attackers can use fake IDs to authenticate on various services like e-Voting.
The above mentioned are very few to list issues. There are tons of such issues
happening every day in e-government all over the world. Some real examples of
security threats on e-government are :
1. 3.5 million users data breached the state of Texas.
2. Malware attack on the Ukrainian electricity network in 2016.
3. Governmental websites hack on Nepal.
4. Stuxnet attack on UK National Infrastructure(NI).
c. Current Scenario
Worldwide e-government systems have been facing various security threats. It has
affected the data and information of citizens and government bodies. In figure 3 we
can see how the loss from cybersecurity is increasing every year and only in 2020 it
was near 1 trillion dollars. This has impacted a lot on country’s as well as the global
economy. There is an urgent need to reduce risk and threats. Due to such a high risk of
citizens' data, e-government security is now being considered a critical part of
e-government implementation and maintenance.
Figure 2 shows top security threats occurring in e-government.
6
