Guest blog:#CounciloftheFuture must be resilient against Cyber threats

The council of the future must prepare itself for the likelihood that a cyber-attack will occur: a case of ‘when not if’. Councils are already well rehearsed in responding to traditional risks like fires, floods and extreme weather conditions, as well as responding to crises like mass market or provider failure or terrorist incidents.

The new landscape of industrialised cyber threat, however, poses a new challenge. Whilst there is much good practice to take note of, it won’t be good enough to simply have the basic technologies in place to try to prevent an attack, and to leave this to the IT team to manage. A modern organisation will need to embed awareness of cyber security across the organisation, to ensure all staff understand basic cyber hygiene and know to spot the risks. And there will need to be preparedness, across the organisation, to respond and to recover from a major cyber incident when it occurs.

Does the organisation know how to cope without access to its IT systems? Without being able to communicate by email? And do colleagues know how to minimise the damage of an attack, and which systems to restore first? Are files and systems routinely backed up and tested?

Cyber preparedness goes beyond good practice around data handling and sharing. The changes brought by the age of GDPR are important and timely, but they are not in themselves sufficient if an organisation is hit by a DDoS attack, or aggressive ransomware. The LGA has collected some case studies from councils who have already experienced such scenarios. A cyber incident can disrupt the running of essential services, as well as risking reputational damage for a council.

When even large scale, household name companies – like Amazon or Google – are experiencing attack, we know the threat is real.

Though no council was directly hit, the WannaCry attack which affected NHS systems in 2017, provided a stark illustration of the kind of impact a major cyber incident can have on the public sector. The cost to the public purse is estimated at £92m. Hundreds of patients’ lives were affected.

As a sector, those with criminal or hostile intent will continue to try to breach our security to steal the data we hold and/or damage our systems. The ability and complexity of attacks is increasing, and therefore so too are the measures we must take to remain resilient against them. This threat cannot be eliminated completely, but the risk can be greatly reduced to a level that allows us to continue to benefit from the huge opportunities that digital technology offers to public services. Mature cyber resilience can be a business enabler not a blocker.

It is this context that, funded by the National Cyber Security Programme, the LGA has launched a programme of support for councils in England; working to improve the cyber resilience of our sector. As a first phase, we took stock of what councils were already doing in terms of their cyber security, and are now using this information to plan a programme of support for the sector, including an opportunity for councils to bid for funding or peer support, both individually and in partnership, to improve their cyber resilience.

This programme provides a real opportunity to work with the sector to ensure the council of the future is ready and resilient

Share this

FROM SOCIAL MEDIA

Conflict minerals are a huge tech issue for tech and on 29 April we’re running a conference on how businesses from… https://t.co/vuIxKDqSV7
Don't miss the #techUKAnnualDinner on Wed 10 July where you'll hear from our keynote speaker @DCMS_SecOfState - mak… https://t.co/fyMiExG7f2
Fantastic report from @WILDLABSNET @ODIHQ & @OfficeforAI on a Data Trust pilot to aid the fight against the illega… https://t.co/gcAfkp8ROh
Will nation states reach a consensus on responsibly governing cyberspace? How can AI be used responsibly to secure… https://t.co/15cCjar0jo
Congratulations to all of the companies that have been selected for this great initiative. @techUK is pleased to h… https://t.co/dSC9vKSXG0
With climate activism in the news we're holding a workshop w/ @thecarbontrust looking at how tech firms can set amb… https://t.co/DJbOWuDDCJ
@dstlmod launches first SME Searchlight event looking at Radio-Frequency systems. For more info and to register: https://t.co/ZSy2fpHCVF
We were pleased to host the last digital buying community @gov_procurement, the next meetup on 02 May hits the Nort… https://t.co/oqlnDGbMT5
Become a Member
×

Become a techUK Member

By becoming a techUK member we will help you grow through:

Click here to learn more...