Last week MITA hosteda workshop for key de-cision makers withinGovernment and dis-cussed the strategy

ahead in leveraging technologyfor simplification of public ad-ministration and the provisioningof the next generation of eGov-ernment service.

The workshop, part of the Pub-lic Services Online projectlaunched earlier this year, wasaddressed by Hon José Herrera -Parliamentary Secretary for Com-petitiveness and EconomicGrowth and Mr Tony Sultana -MITA Executive Chairman. Theproject, co-financed through theEuropean Social Funds, is coordi-nated by MITA together withother stakeholders includingCDRT, various Ministries andDigitaliseringsstyrelsen (the Dan-ish Government Digital Agency).

During the workshop represen-tatives from Digitaliser-ingsstyrelsen shared theirexperiences of how Denmarkmanaged to top the EU chartswith regards to eGovernmenttake-up with some 84% of theDanish population making use ofeGovernment services. In Maltathe situation is that whilst werank first in supply and availabil-ity of eServices, demand and userequires further effort and re-sources.

MITA’s Head of Strategy andBusiness Department, MrEmanuel Darmanin, said that theproject ties with the Digital MaltaNational Digital Strategy. In thearea of Digital Government thestrategy puts forward a numberof objectives; including the needto simplify existing public serv-ices, promote further take-up ofeGovernment services, makeservices available via mobile de-vices, increase engagement andparticipation and extend Govern-ment transparency and eDemoc-racy.

Mr Darmanin explained howthe Public Services Online projectis based on three pillars. The firstcomponent is an up-skilling pro-gramme to a number of Govern-ment employees who provideassistance and services to thecommunity. This training is cur-rently underway and by the endof the project it is estimated thatmore than 400 public officers

would have been provided thenecessary training. MITA took atrain-the-trainer approach so thatparticipants will be able to sharetheir knowledge with their col-leagues.

The second component of theproject is a market research withthe aims of finding the reasonsthat are negatively impacting thetake-up of eServices, to enableGovernment to plan and designusing citizen-centric feedbackand also to identify ways that canencourage citizens and busi-nesses to use the e-services. Aqualitative and quantitative sur-vey via 24 focus groups and atelephone survey with some1,500 participants.

Sarah Farrugia, Project Leader,provided some preliminary high-lights from the market research.Initial results show that citizensthink that traditional services (i.e.those available from Ministriesand Departments) are overly bu-reaucratic and require them totake time off from work and alsoinclude an element of frustrationbecause of traffic and parking is-sues. They also said that despite

the fact that such over-the-counter services lack consistency(approx 80%) some still prefersuch face-to-face encounters asthey believe that sometimes thisleads to better end results.

The study also found that thosewho use eGovernment servicesthink that they are convenient, ef-ficient and easy to use. Some ofthe recommendations put for-ward from the research are thatGovernment departments shouldextend their visiting hours to in-clude Saturdays (approx 88%)and that Government should en-sure that data sharing is a realityamongst different entities (ap-prox 81%) as this will reduce bu-reaucracy (approx 94%). Citizensalso agreed that there should bemore awareness on the range ofe-services available and providedwith step-by-step guidelines onhow to use these services. Theyalso proposed that Governmentservices should have a consistentlook and feel and use simpler lan-guage.

The third component of theproject will be a promotionalcampaign to raise awareness and

educate citizens and business onthe various e-services availablewith adequate resources on howthese services can be used.

For more information about thePublic Services Online Project

please visit gov.mt

The Malta Independent | Thursday 21 May 2015 1312 The Malta Independent | Thursday 21 May 2015

As a country we rankvery high on the avail-ability of eGovernmentservices but then rankbelow average on their

usage and take-up. MITA to-gether with a number of partnershas embarked on a project to en-courage more citizens and busi-nesses to make use ofeGovernment services. Amongstothers it has partnered with theDanish agency for digitalisationbecause the vast majority of the

Danish population uses eGovern-ment services. One of the reasonsis that in recent years Denmarkadopted a ‘digital by default’ ap-proach which saw various gov-ernment-related transactions goonline. Studies show that securityprofessionals are being kept busyall year round with security inci-dents – the average is of 1.5 inci-dents per week and more than aquarter of these incidents are oneof the most dangerous forms ofcyber threats. The study by ESG

also suggests several best prac-tices and lessons learnt on howsecurity professionals can protecttheir organisations better.

Recent studies have shown thatthe majority of HR professionalslook at the social media profilesof candidates who apply for a jobwith their company. Now, a newstudy found that the majority ofthem look for information thatsupports that the candidate actu-ally has an online persona andthat he or she is fit for the job.

More shocking is the finding thatone in every five have admittedthat they look at social mediaprofiles to search for reasons notto hire the candidate.

All ICT Features are available onwww.mita.gov.mt/ictfeature

The Malta Independent ICT Feature

RoderickSpiteri

Roderick Spiteri is Marketing andCommunications Manager at

MITA and editor of MaltaIndependent ICT feature

Anew survey found thatsecurity professionalsare inundated with se-curity incidents, averag-ing 78 investigations

per organisation in the last year,with 28% of those incidents in-volving targeted attacks – one ofthe most dangerous and poten-tially damaging forms of cyber-at-tacks. This was revealed in a newreport, Tackling Attack Detectionand Incident Response, from En-terprise Strategy Group (ESG),commissioned by Intel Securitywhich examines organisations’ se-curity strategies, cyber-attack en-vironment, incident responsechallenges and needs.

According to the IT and securityprofessionals surveyed, better de-tection tools, better analysis tools,and more training on how to dealwith incident response issues arethe top ways to improve the effi-ciency and effectiveness of the in-formation security staff.

“When it comes to incident de-tection and response, time has anominous correlation to potentialdamage,” said Jon Oltsik, seniorprincipal analyst at ESG. “Thelonger it takes an organisation toidentify, investigate, and respondto a cyber-attack, the more likely itis that their actions won’t beenough to preclude a costly breachof sensitive data. With this inmind, CISOs should rememberthat collecting and processing at-tack data is a means toward action— improving threat detection andresponse effectiveness and effi-ciency.”

Better IntegrationNearly 80% of the people sur-veyed believe the lack of integra-tion and communication betweensecurity tools creates bottlenecksand interferes with their ability todetect and respond to securitythreats. Real-time, comprehensive

visibility is especially importantfor rapid response to targeted at-tacks, and 37% called for tighter in-tegration between securityintelligence and IT operationstools. In addition, the top time-consuming tasks involved scopingand taking action to minimise theimpact of an attack, activities thatcan be accelerated by integrationof tools. These responses suggestthat the very common patchworkarchitectures of dozens of individ-ual security products have creatednumerous silos of tools, consoles,processes and reports that provevery time consuming to use. Thesearchitectures are creating evergreater volumes of attack data thatdrown out relevant indicators ofattack.

Better ComprehensionSecurity professionals surveyedclaim that real-time security visi-bility suffers from limited under-standing of user behaviour andnetwork, application, and host be-haviour. While the top four typesof data collected are network-re-lated, and 30% collect user activitydata, it’s clear that data captureisn’t sufficient. Users need morehelp to contextualise the data tounderstand what behaviour isworrisome. This gap may explainwhy nearly half (47%) of organisa-tions said determining the impactor scope of a security incident wasparticularly time consuming.

Better AnalyticsUsers understand they need helpto evolve from simply collectingvolumes of security event andthreat intelligence data to moreeffectively making sense of thedata and using it to detect and as-sess incidents. 58% said theyneed better detection tools, (suchas static and dynamic analysistools with cloud-based intelli-gence to analyse files for intent).

53% say they need better analysistools for turning security datainto actionable intelligence. One-third (33%) called for better toolsto baseline normal system behav-iour so teams can detect vari-ances faster.

Better ExpertisePeople who took the survey ad-mitted to a lack of knowledge ofthe threat landscape and securityinvestigation skills, suggestingthat even better visibility throughtechnical integration or analyticalcapabilities will be inadequate ifincident response teams cannotmake sense of the informationthey see. For instance, only 45% ofrespondents consider themselvesvery knowledgeable about mal-ware obfuscation techniques, and40% called for more training to im-prove cybersecurity knowledgeand skills.

Automation to EnhanceActionThe volume of investigations andlimited resources and skills con-tributed to a strong desire amongrespondents for help with incidentdetection and response. 42% re-

ported that taking action to min-imise the impact of an attack wasone of their most time-consumingtasks. 27% would like better auto-mated analytics from security in-telligence tools to speed real-timecomprehension; while 15% wantautomation of processes to free upstaff for more important duties.

“Just as the medical professionmust deliver heart-attack patientsto the hospital within a ‘goldenhour’ to maximise likelihood ofsurvival, the security industrymust work towards reducing thetime it takes organisations to de-tect and deflect attacks, beforedamage is inflicted,” said ChrisYoung, General Manager at IntelSecurity. “This requires that weask and answer tough questionson what is failing us, and evolveour thinking around how we dosecurity.”

The ESG believes that there is ahidden story within the Intel Secu-rity research that hints at best prac-tices and lessons learned. This datastrongly suggests that CISOs:• Create a tightly-integrated en-

terprise security technology ar-chitecture: CISOs must replaceindividual security point tools

with an integrated security ar-chitecture. This strategy worksto improve the sharing of attackinformation and cross-enter-prise visibility into user, end-point, and network behaviour,not to mention more effective,coordinated responses.

• Anchor their cybersecurity strat-egy with strong analytics, mov-ing from volume to value:Cybersecurity strategies must bebased upon strong security ana-lytics. This means collecting,processing, and analysing mas-sive amounts of internal (i.e.,logs, flows, packets, endpointforensics, static/dynamic mal-ware analysis, organisational in-telligence (i.e., user behavior,business behaviour, etc.)) andexternal data (i.e., threat intelli-gence, vulnerability notifica-tions, etc.).

• Automate incident detectionand response whenever possi-ble: Because organisations willalways struggle to keep up withthe most recent attack tech-niques, CISOs must commit tomore automation such as ad-vanced malware analytics, intel-ligent algorithms, machinelearning, and the consumptionof threat intelligence to compareinternal behavior with incidentsof compromise (IoCs) and tac-tics, techniques, and procedures(TTPs) used by cyber-adver-saries.

• Commit to continuous cyberse-curity education: CISOs shouldrequire ongoing cyber-educa-tion for their security teams, in-cluding an annual series ofcourses that provide individualprofessionals more depth of un-derstanding of threats and bestpractices for efficient and effec-tive incident response.

To view the full Intel Security re-port, visit: http://bit.ly/1GlM2KJ

Avoiding a professionalonline presence may behurting your chances offinding a new job. Morethan one third of em-

ployers (35%) say they are less likelyto interview job candidates if theyare unable to find information aboutthat person online, according to Ca-reerBuilder’s annual social mediarecruitment survey. Moreover, thestudy reaffirms that the majority ofemployers use social networks toscreen candidates and that 35% ofthem have sent friend requests orfollowed candidates that have pri-vate accounts; most are granted per-mission.

The national survey was con-ducted on behalf of CareerBuilderby Harris Poll earlier this year andincluded a representative sample ofmore than 2,000 full-time, U.S. hir-ing and human resources managersacross industries and companysizes.

Social media recruitment onthe rise52% of employers use social net-working sites to research job candi-dates, up significantly from 43% lastyear and 39% in 2013.

“Researching candidates via social

media and other online sources hastransformed from an emergingtrend to a staple of online recruit-ment,” said Rosemary Haefner,chief human resources officer at Ca-reerBuilder. “In a competitive jobmarket, recruiters are looking for allthe information they can find thatmight help them make decisions.Rather than go off the grid, job seek-ers should make their professionalpersona visible online, and ensureany information that could dissuadeprospective employers is made pri-vate or removed.”

Haefner points out that most re-cruiters aren’t intentionally lookingfor negatives. Six in ten (60%), infact, are “looking for informationthat supports their qualifications forthe job,” according to the survey. Forsome occupations, this could in-clude a professional portfolio. 56%of recruiters want to see if the candi-date has a professional online per-sona, 37% want to see what otherpeople are posting about the candi-date, and 21% admit they’re lookingfor reasons not to hire the candidate.

Additionally, 51% of hiring man-agers use search engines to researchcandidates.

Social media recruitment by

industry Hiring managers in informationtechnology and financial servicesare the most likely to use social net-works to screen candidates; retailhad the lowest share.• Information Technology: 76%• Financial Services: 64% • Sales: 61%• Professional & Business Services:

54%• Manufacturing: 49%• Health Care: 49%• Retail: 46%

Hiring managers sendingfriend requests35% of employers who screen viasocial networks have requested to“be a friend” or follow candidatesthat have private accounts. Of thatgroup, 80% say they’ve beengranted permission.

Content can help and hurtjob prospects Depending on what hiring man-agers find, candidates’ online infor-mation can help or hurt their oddsof getting a job. 48% of hiring man-agers who screen candidates via so-cial networks said they’ve foundinformation that caused them not to

hire a candidate – down slightlyfrom 51% last year. The followingare the top pieces of content thatturned off employers:• Provocative or inappropriate

photographs – 46%• Information about candidate

drinking or using drugs – 40%• Candidate bad-mouthed previ-

ous company or fellow employee– 34%

• Poor communication skills – 30%• Discriminatory comments related

to race, religion, gender, etc. – 29%

About one-third (32%), however,found information that caused themto hire a candidate, including: • Candidate’s background infor-

mation supported job qualifica-tions – 42%

• Candidate’s personality cameacross as good fit with companyculture – 38%

• Candidate’s site conveyed a pro-fessional image – 38%

• Candidate had great communica-tion skills – 37%

• Candidate was creative – 36%

Script flippedA separate survey found that somesavvy job seekers are using socialmedia to their own benefit. One inseven (15%) workers check out hir-ing managers on social media, with38% of that group seeking to directlyinteract with the individual.

Leveraging technology for a better public administration

Challenges to timely incident response

1 in 3 employers will not interview applicants who they can’t find online