Public sector entities across national, state and local levels continue to grapple with three interrelated challenges: cybersecurity, technological transformation and an aging workforce. This article takes a closer look at these complex issues and how public sector organizations can implement focused strategies to address them.
Cybersecurity risk is on the rise – and public sector entities are taking action.
Government entities make appealing targets for cybercriminals due to the vast amounts of confidential data they collect, as well as the potential to disrupt critical services. Cyberattacks against government agencies and public sector services were up 40% in the second quarter of 2023, highlighting the urgency for public sector organizations to enhance cybersecurity.
In addition to data breaches, ransomware attacks and operational disruption risks, public sector entities must also protect against attacks from “hacktivists” and adversarial foreign governments. In 2021, a White House executive order directed governmental agencies to pursue the adoption of a zero-trust security model, which means users and devices are always verified — not trusted by default.
As cybercriminals constantly develop evolving and increasingly sophisticated attack methods, mitigating the risk can be complicated for public sector organizations that often use older, less secure technology platforms that aren’t fully integrated. The Cybersecurity and Infrastructure Agency (CISA) and the National Security Agency (NSA) monitor evolving threats and release recommendations to help organizations avoid top cybersecurity vulnerabilities.
In response, public sector entities are increasing cybersecurity budgets, with 44% of states enacting legislation to fund Chief Information Security Officer (CISO) positions and another 10% working to do so. Challenges in filling and retaining cybersecurity staff are concerns for CISOs, with many relying on contractors to fill gaps and provide services. Outsourcing can provide needed expertise, but public sector entities must ensure stringent requirements are built into RFP processes and vendor contracts.
Regular cybersecurity penetration tests are also beneficial for public sector organizations seeking to understand their cybersecurity gaps. Penetration testing simulates real-world attacks to identify vulnerabilities within a specific technology platform, such as an organization’s network, website, applications, software, security systems or physical assets. Typically conducted by an impartial IT firm, the tests help organizations strengthen defenses, improve incident response and safeguard sensitive data.
Technology transformation is critical.
The technology landscape is changing quickly, and many public sector entities are falling behind. Legacy platforms that aren’t effectively integrated create data silos that limit data insights, efficiencies and cybersecurity. Fifty-nine percent of government leaders say disconnected operational, financial and people-related data hampers their operations, output and decision-making ability.
A better-connected data landscape is also essential to help public sector entities tap into the power of artificial intelligence (AI) tools. Today, only one in five government leaders report deploying technology that automates tasks and augments their workforce. This is significantly lower than the private sector, where one-third of leaders say their companies are reaping the benefits of advanced digital technology.
One example that’s unique to the public sector is the need to modernize the technology behind state and locally administered traditional pension plans, which remain the industry norm. Many of the 5,000 public sector pension plans in the U.S. aren’t fully optimizing the advantages of automation, with some still relying on manual processes and spreadsheets. Integrating the right tools can generate efficiencies and cost savings in the short term and accelerate innovation in the longer term.
Modern pension administration systems (PASs) bring a plan’s complete data together in a single, centralized pension database. A modernized PAS increases accuracy, expands reporting capabilities and enables convenient user access. Perhaps most importantly, an up-to-date PAS provides end-to-end data security that’s compliant with the Department of Labor’s cybersecurity guidance.
An aging workforce makes recruiting and retention top priorities.
The public sector workforce is older compared to the private sector, amplifying the impact of retiring Baby Boomers (born 1946 to 1964) over the next several years. For example, only 8% of the federal government workforce is younger than 30, compared to 23% in the private sector.
With the youngest Baby Boomers turning 60 in 2024, public sector employers face an ongoing “silver tsunami” of retirements. While many public sector workers opt to work beyond age 65, the wave of Boomer retirements is especially problematic for public sector employers who have had challenges recruiting younger workers.
Attracting younger, tech-savvy employees can positively affect cybersecurity and technology initiatives. For public sector entities, it takes a focused recruiting strategy and, often, a shift in workplace culture. The ability to offer jobs that provide a strong sense of purpose is a plus when recruiting Millennial and Gen Z workers. However, public sector organizations must also offer the increased work flexibility, wellness support and career development opportunities that appeal to younger generations.
The public sector industry experts at CBIZ can help you tackle these challenges and optimize your organization’s strategies. Connect with a member of our team and gain access to more resources here.
 | With a potential recession on the horizon, we know you want resources to help your business master the moment. We've put together our Agility & Excellence Resource Center to bring you strategies and solutions with a finger on the pulse of what's ahead. |