Many nations are banking on e-government to help them eliminate budgetary shortfalls and facilitate easy interaction between government agencies, constituents and businesses. Australia, for instance, faces the elimination or merger of up to 70 public sector organizations, but may have an opportunity to both expand services and reduce expenditures through e-government initiatives. Other countries like South Korea already plan to invest billions in e-government to help Nigeria grow its ICT industry and promote development.
Forecasts, Singapore breach illustrate pitfalls of unsecured e-government
Needless to say, the expansion of e-government has associated cybersecurity risks. In a 2013 blog post, Rik Ferguson, security researcher at Trend Micro, looked back at the firm's groundbreaking "2020: The Series" Web video project and highlighted what could happen to e-government in the near future. A problematic scenario might entail citizens losing access to critical government services – many of which would have been digitized – after a cyberattack compromised their logins.
It's hypothetical, but not that farfetched. Singapore already has a substantial e-government accounts systems, SingPass, that provides 3.3 million users with access to more than 300 government services. In its short life to date, SingPass has already been breached and become the subject of intense debate over data security and privacy. Said security incident involved the compromise of 1,560 accounts that were then used to apply for work passes. The applications were canceled, and the Singaporean government has claimed that SingPass's integrity is intact.
Whether the system itself is flawed may be a moot point as long as its users don't adhere to best security practices. At least, that as the position of the government minister Yaacob Ibrahim, who highlighted the risks of malware and weak passwords to SingPass. Two-factor authentication is on its way, and citizens will soon have the option to create custom usernames that are theoretically stronger than their more easily-obtainable national identification numbers.
Such measures are good news for cybersecurity. Enterprise, whether they work alongside governments on digital projects or are exclusively in the private sector, can apply similar practices to mitigate risks to sensitive accounts and data as more of their services become Internet-facing.
Upholding data privacy and security as e-government expands
Another concern about e-government, and SingPass in particular, is how data collected from ubiquitous sensors is handled. With the rise of the Internet of Things, such issues are bound to enter into tomorrow's security and policy conversations about proper stewardship of "smart" systems.
"The [Singaporean] government's smart nation trials involve private organizations that must comply with the data protection act, but also deal with data deemed to belong to the public sector since government agencies are also part of these trials," wrote Eileen Yu for ZDNet. "This mishmash of private and public creates many blurry lines in how sensor data should be managed."
Collaboration between public and private sector organizations will undoubtedly be vital to the success of e-government projects. Stakeholders will need not only clearly written policies governing data, but also guidance from the security community in being smart about authentication, encryption and IoT protection.