Over the past few years, public sector institutions have accelerated their digital offerings. From telehealth to telework to online education, many public sector organizations digitized their services during the pandemic—and their constituents have now come to depend on them.
As public sector organizations go increasingly digital, cybersecurity is more important than ever. Public sector agencies are a favorite target of criminal organizations, often for the personally identifiable information they hold. And they must constantly defend themselves from a wide range of increasingly sophisticated threats—from state-sponsored cyber warfare to power supply interruptions to ransomware.
To protect their digital operations from emerging cyberthreats while meeting the need for digital services, many governments across the globe are modernizing their application infrastructures. For example, the U.S. government has invested more than $900 million in cybersecurity and digitization projects across 32 federal agencies through the Technology Modernization Fund established by Congress. In Europe, the UK has set aside £600 million to upgrade government IT, while the Spanish government is investing €140 million in public and private funding to support digitization. And South Korea is dedicating KRW 58.2 trillion to upgrade its public infrastructure, while expediting the adoption of data and AI through its economy.
As public sector institutions invest in their IT architectures, many are turning to F5 to power and protect the digital experiences their employees and constituents depend upon. So why does the public sector—including all 15 executive departments of the U.S. Cabinet—rely on F5? Here are four reasons:
In the one-year period from 2022 to 2023, there were nearly 5,200 confirmed public sector breaches, according to Verizon’s Data Breach Investigations Report. And in the last half of 2022, cybersecurity attacks against government agencies worldwide jumped 95% over the same period the year before—thanks to rapid digitization and shifts to remote work as a result of the pandemic.
F5 offers a high level of protection from both well-known and emerging threats—reducing the public sector’s risks and protecting their apps from ever more sophisticated attacks. For example, one of our customers, a U.S. government agency that serves over 100 million households and processes more than $2 trillion in payments and benefits, needed a way to stop account automated attacks aimed at taking over citizen accounts.
Using F5 Distributed Cloud Bot Defense, the agency stopped the account takeover attacks within two days of deploying countermeasures and going into full blocking mode. Today, the agency has the 24x7 threat intelligence it needs to dramatically lower cyber fraud so it can better protect citizen information.
Likewise, the Port Authority of Jamaica chose F5 to optimize its electronic platform that connects seaports and airports across the country. The authority was deploying a Port Community System in the Microsoft Azure cloud and chose F5 for its ability to boost performance while securing confidential customs and shipping data.
Using F5 BIG-IP Advanced Firewall Manager, the Port Authority now has DDoS protection, SSL inspection and termination, deep visibility and reporting, and centralized policy management. As Dwain Powell of the Port Authority of Jamaica, told us: “Based on our vendors and the system we’ve implemented as well as the research we’ve done, the security service that F5 offers is tier 1 in terms of financial institutions and governmental organizations. So we opted to go with one of the best.”
For the public sector, compliance is a major issue, and cybersecurity regulations continue to evolve. From the Network and Information Security Directive (NIS2) implemented in the European Union to the new cybersecurity regulations recently introduced by the White House, governments are continuing to strengthen their security requirements. To meet these growing needs, F5 maintains an active product certification and evaluation program to help public sector organizations around the globe keep up with these changing requirements.
Indeed, compliance was a key reason why the Idaho Department of Health and Welfare chose F5 as it implemented an identity and access management for its internal systems and Microsoft Office 365.
Working with F5, the government agency obtained a more flexible IT environment with strong security and fewer systems to maintain. It also was able to meet the rigorous compliance requirements it needed, particularly, its need to meet many of the Center for Internet Security (CIS) Top 20 Critical Security Controls. “I’ve completely embraced F5 as a security brand that I can trust,” says Corey Van Allen, Server Integration Lead at the Idaho Department of Health and Welfare. “By choosing F5, DHW is tightening up security throughout the organization.”
Likewise, the City of Bellevue in Washington chose F5, in part, because F5’s products enabled it to meet strict federal compliance requirements. Using F5 technologies, the City of Bellevue was able to easily create distinct policies for different users on different virtual servers, providing police access to the Criminal Justice Information Services (CJIS) data its police officers need to do their jobs. The city was also able to meet the requirement to use tamper-proof, Federal Information Processing Standards (FIPS)-compliant hardware.
Says Garrett Solberg, an IT Manager in the City of Bellevue’s Infrastructure Division: “You can’t quantify being compliant. You can’t quantify being more secure. You either have it or you don’t. With F5, we’ve acquired everything we need to meet those strict federal requirements.”
In a recent KPMG survey of private and public sector organizations, consumers consistently rated public sector institutions at the bottom of the list in their ability to deliver a great customer experience. Not only does a poor digital experience damage constituent relationships, but it also holds back public sector employees for whom digital tools improve productivity and increase efficiency.
As the public sector works to improve the customer experience, the high availability and performance of their applications is key. And with F5, they can accelerate availability and performance to give constituents the extraordinary digital experiences they expect.
One government agency that needed exceptional performance is the Belgium state pension agency, Rijksdienst voor Pensioenen (RVP), which made a public commitment to make pension information digitally accessible to citizens across the nation. RVP’s online pension application had to deliver exceptional performance and availability to millions of users, while also securing sensitive data.
By choosing F5, RVP was able to balance its load and deliver high performance for users, even during high spikes in traffic. “F5 delivers the performance that citizens want and the security we need,” says Ivo Tuytens, IT Security Manager at RVP.
For some applications, security is the top priority, whereas for others it may be performance or cost. As public sector institutions reap specific business advantages by placing each app on-premises data center, public cloud, edge environments, or a mix of all of these, their IT landscapes are becoming an operational nightmare.
By turning to F5, public sector organizations can easily manage their apps no matter where they’re deployed. For example, Fraser Coast Regional Council, a local government agency located in Queensland, Australia, was transforming its infrastructure from a traditional data center into a modern hybrid cloud and on-premises based architecture as it rolled out web-based services.
Working with F5, the council now has the ability to monitor user identity and manage access to applications using a centralized, policy-based management console. “In a hybrid environment, the ability to secure and differentiate access to the council’s applications and network is important,” says Wade Rogers, the council’s Manager of Information Technology and Systems. “With F5, we are able to deliver applications to the users and ensure that the security posture doesn’t change no matter where the users are.”
Similarly, the Scottish Government’s Agriculture and Rural Economy (ARE) Directorate is migrating to a multicloud environment, while protecting its new infrastructure with best-in-class SaaS-based security solutions. By turning to F5, the directorate has been able to simplify a complex environment—connecting its clouds, services, apps, and APIs with consistent security policies and visibility across all of its assets.
“By stripping complexity out of our IT infrastructure, we can double down on advanced technologies that better serve our customers, from drones and satellites to AI and machine learning,” says Neill Smith, Head of Infrastructure, ARE Directorate. “F5 gives us complete peace of mind for the future.”
As public sector organizations continue to strengthen their digital offerings, they need advanced security they can depend on, compliance-ready products, and high availability and performance their constituents expect. And by choosing F5, they get all of this and more.
As one public sector customer told us, “Application availability, performance—and most importantly, security—mean a world to us and our reputation depends on it.”
To learn more, visit our F5 Public Sector Solutions webpage.