Local DigitalThursday 25 February 2016

Cert_logoCERT-UK - the UK’s National Computer Emergency Response Team is looking out for local government and ready to help


As anyone who followed the recent Lincolnshire County Council cyber-attack will know, local government is a high profile target for cyber-criminals due to the nature of their work and the large amount of data that they manage.

Using digital platforms to deliver these valuable services means that these organisations need to be as resilient to the cyber threats as possible. This means making sure you have the right plans in place to deal with an incident and have a well-rehearsed process in place to recover quickly. A key part of this is ensuring every area of the business knows its roles and responsibilities; a cyber-attack is not just a task for the IT team.

Delivering services while staying cyber-secure can be difficult for organisations but there is help and support available.

Help is at hand

The cyber security threat to local government is high. Being aware of the resources you can draw on is vital if you want to stay ahead of the curve. The National Cyber Security Strategy sets out the importance of strengthening the UK’s response to incidents and as a result, CERT-UK was formed.

CERT-UK has four main responsibilities that flow from the Cyber Security Strategy:

  1. National cyber-security incident management
  2. Support to critical national infrastructure companies to handle cyber security incidents
  3. Promoting cyber-security situational awareness across industry, academia, and the public sector
  4. Providing the single international point of contact for co-ordination and collaboration between national CERTs

CERT-UK are the people to call if an organisation has a serious cyber-incident. We can help you in a number of ways with your incident response, from practical technical steps through to assistance with your media handling. You can report incidents to us via our website.

To help enhance the UK’s cyber knowledge and resilience, and hopefully prevent incidents, CERT-UK also host the Cyber-security Information Sharing Partnership (CiSP).

CiSP is a free-to-join, joint industry government initiative which allows members from across sectors and organisations exchange cyber threat information in a secure and dynamic environment, within a framework that protects the confidentiality of shared information.

Join CiSP:

  • For the chance to engage with industry and government counterparts in a secure environment, which can provide an early warning of cyber threats
  • To learn from the experiences, mistakes and successes of other users and seek advice
  • Enhance your ability to protect your council’s network
  • And gain access to free network monitoring reports tailored to your organisations’ requirements

Building local government resilience together

Although CERT-UK host CiSP, the content is driven by members, and is reliant upon members regularly checking feeds and contributing to discussions.

Local government members can set up their own exclusive areas, allowing free and frank conversations about collective experiences and the opportunity to engage directly with groups. Local government members can also share information about how other localities are managing their risks or engaging with their board members.

This has proven to be very beneficial for local government incidents in the recent past including several that have garnered national coverage; CiSP serves as an area for organisations to access trusted information. There is also a specific area for local government to share information and best practice.

CERT-UK has just produced incident handling guidance, available on CiSP, which helps organisations plan, prepare and respond to an incident. Getting these basics right, and making sure that simple processes, as well as defined roles and responsibilities, drive your response will limit the damage an attack can cause.

There is also a cyber-exercising group on CiSP where you can find materials that you can use within your organisation.

Take action now

It is important to understand that the physical effects of any cyber-attack on any system are not dealt with differently from the standard resilience procedures. A large challenge for local government is how to improve the awareness of the workforce, while ensuring people can get on with their jobs.

Have you thought about having a cyber awareness day, or maybe running an internal phishing exercise to illustrate to people how easy it is to get caught? These simple threats are by far the most common attack methods, and a very easy way of giving someone access to your systems.

Finally, following the HMG best practice, such as the Cyber Essentials scheme, is a great way of ensuring your organisation offers a sound foundation of cyber hygiene measures that you can implement and build upon. Remember, an estimated 80% of cyber security issues could be easily avoided by following such guidance.

The threat may seem large, but help is out there, so please join CiSP, and don’t hesitate to get in touch with CERT-UK should you have any problems or feedback.


Image credit: http://eng-cs.syr.edu/research/cybersecurity