National needs call for automation and informatization of bureaucratic processes. Thanks to the state-of-the-art information technology, governments can make quick decisions and receive up-to-date information about the state of affairs in the country.
Government information systems offer public services to individuals and legal entities. Given the large number of public employees, government agencies need to not only protect critical IT infrastructure but also ensure full compliance with information security requirements among the staff.
State agencies typically have access to big amounts of personal data and other information used in government operations. Even more so, social stability directly depends on the reliability of state agencies.
Unlike commercial enterprises, the primary goal of information security systems in the public sector is to ensure compliance with national and—to a lesser extent—international regulations. Follow-on expert risk assessment only takes place when an agency requires enhanced measures to protect its information.
Public organizations are often targeted by criminal communities and «cyber troops» sponsored by other countries. Attackers may seek to disrupt the stable operation of state information systems, particularly public resources, or gain access to arrays of protected information, including the citizens’ personal data.