Why managed detection and response (MDR) and threat intelligence (TI) are critical components for securing government institutions and organisations

In 2023, cyberattacks against governments significantly increased, driven by both ransomware and non-malware methods.

Globally, there were around 800,000 cyberattacks throughout 2023, translating to over 2,200 attacks per day across various sectors, including government. Governments have been frequent targets due to the sensitive nature of the data they hold and can be prime targets for cybercriminals, hacktivists, and nation-state actors.

In 2024, cyberattacks against governments continued to rise sharply, with major incidents targeting several countries. Additionally, sectors like healthcare and education, which are closely tied to public infrastructure, also suffered from significant attacks. The US and EU particularly saw a significant increase in attacks on government agencies, driven in part by geopolitical conflicts.

Traditional security measures such as firewalls and antivirus software are no longer sufficient to counter advanced persistent threats (APTs) and other evolving cyberattacks. MDR fills this gap by offering advanced detection and immediate response to mitigate potential risks at any hour of the day or night, including weekends and public holidays with its combination of human expertise and automated technology.

ESET has invested in building the world’s leading cybersecurity team with 13 R&D centres worldwide, continuously monitoring all time zones. Security teams work alongside tools like artificial intelligence and machine learning to analyse network traffic, detect anomalies, and respond to threats, using technology to help automate decisions, but with experts standing behind each threat evaluation.

In 2023, a staggering 17 billion personal data records were compromised in various breaches. This marked a significant increase in the number of breaches reported globally, with over 6,000 incidents recorded. Over 70 per cent of these breaches involved unauthorised external access to sensitive information such as names, social security numbers, and financial data. The ability to detect, contain, and remediate threats quickly can be crucial in preventing the compromise of sensitive data, such as classified information or personally identifiable information. MDR helps comply with data regulations, thanks to full disk encryption and multi-factor authentication capabilities with seamless deployment. Third-party software vulnerabilities are kept in check with fully automated patch management that also protects against ransomware and zero-day threats.

It is also essential for government institutions and organisations to clearly understand the tactics, techniques and procedures used by adversaries, especially state-sponsored actors and organised cybercrime groups, by having access to good threat intelligence.

ESET technology searches for threats constantly, across multiple layers and enables users to benefit from telemetry on all countries where emerging threats are detected. This brings an understanding of what is happening on the ‘bad side of the internet’ and provides context, as well as helps anticipate threats and strengthen defences against the most significant risks so that internal preparations can be made. ESET Threat Intelligence therefore helps institutions and organisations gain insights into emerging threats, helping them to prepare for and mitigate attacks before they occur, block APTs and ransomware and improve their cybersecurity architecture as well as make crucial decisions quickly and efficiently, which is essential not only for operational efficiency but also for maintaining public trust and safeguarding national interests.

W: www.eset.ie
Blog: blog.eset.ie