Government and Public Sector Cybersecurity Services
We are helping the federal government, state and local organizations, and nonprofit entities transform IT risk, cybersecurity and data privacy for now, next and beyond.
The team
What EY can do for you
The EY Government and Public Sector (GPS) cybersecurity team is designed to scale to the most complex needs and span the full end-to-end cyber transformation journey. We help our clients from the very beginning stages of their cyber strategy through the operational delivery of their cybersecurity mission. We work with clients to address various aspects of cyber transformation, including:
Understanding the public sector landscape
With cyber threats increasing at an alarming rate, there has been a whirlwind of government activity related to cybersecurity. Viewing cybersecurity government guidance through many lenses will help agencies strengthen their cybersecurity efforts — enabling the strategies, architectural models and investments to move forward.
77%
of companies saw increases in disruptive attacks in last 12 months, up from 59% in 2020.
56%
of executives surveyed do not know whether their defenses are strong enough for hackers’ new strategies.
50%
of executives view cloud security as a significant barrier to realizing cloud value
2000
Increase of OT target attacks since 2018
Our latest thinking on public sector cybersecurity legislation
Zero trust in the public sector
Our effective cyber program assessment and zero trust strategy practices directly translate to business security needs and protect the business applications even when the perimeter is breached and the network is compromised. The following are the crucial steps to consider while devising a zero trust strategy:
- Define the business drivers and objectives that influence security resources
- Assess the current cybersecurity architecture against zero trust maturity models to evaluate the gaps
- Develop a short- and long-term strategic road map for embracing a zero trust architecture incrementally
- Achieve compatibility with the existing service infrastructure and application landscape
- Build business cases to justify the security transformation
We have expanded upon the Department of Homeland Security Cybersecurity & Infrastructure Security Agency (DHS CISA) maturity model to ease the development of a road map to advance zero trust architecture. Specifically, we align the DHS CISA zero trust assessment to the EY cyber program assessment to enable mapping to multiple regulatory requirements (e.g., NIST 800-53), benchmarking against commercial sectors and alignment with “battle-tested” project charters.
Why EY?
- Experience successfully creating transformational cyber, analytics and technology strategies for Fortune 500 companies, large federal agencies, state and local government organizations, and nonprofit organizations
- Team of 11,000 cyber and risk professionals throughout the world and an extensive network of vendor and technology alliances
- Highly experienced project teams trained in cybersecurity transformation and implementation, including more than 1,600 professionals with active US security clearances
- Globally recognized and award-winning next-generation cyber capabilities in a business-led, agile fashion
- Leaders in multiple analyst ranking reports, including recognition by Forrester as a top-ranked strategic leader and information security consulting provider
- Purpose-driven culture of building a better working world that focuses on client outcomes by utilizing diverse high-performing teams, helping our clients find better ways of working, challenging today’s methods and unlocking innovation