by Phil Swan, partnership director, iNetwork
Every silver lining has a cloud and this could be said of the growing frequency and sophistication of cyber attacks.
Damaging cyber attacks, which disrupt operations, compromise data and impact people, are increasing in local public services, as colleagues from GCHQ can testify. The ransomware incident with Lincolnshire was merely the tip of the iceberg – many councils and NHS organisations are seeing unprecedented volumes of malicious emails and brute-force attacks on their websites.
Support from the national cyber security programme has been welcomed, not only because of the range of capabilities on offer but because it is pushing awareness of this agenda towards the corporate leadership. As Richard Knowlton, group security director at Vodafone, said on the BBC Radio 4 programme The Bottom Line: “The more successful I am (at fighting cyber attacks) the less investment I get. I’m seen purely as a cost centre”.
Good leadership recognises this and understands that prevention is better than cure, particularly as the average cost of a security breach is now estimated at £2.7 million (source: IBM), with big attacks costing much more. The US retailer Target estimated the cost of its recent breach at $148 million and TalkTalk estimated its own at over £50 million. These costs often exclude the reputational damage and career-limiting implications of, for example, the leader’s Twitter account being hacked and used to publish indecent images.
A key complicating factor is the increased reliance on digital information across public services. I would like to highlight two ways in which councils can mitigate this – by maximising productivity and through mutual support arrangements.
Regarding the former, with an acknowledged cyber skills shortage, it is increasingly important that knowledge is shared and useful capabilities exploited. In iNetwork we have a quarterly information security and assurance group meeting which typically brings a large group of individuals together in a ‘safe space’ to share practical tips, near-miss experiences and content they do not want on an electronic forum.
We regularly raise issues anonymously, and a busy online forum provides continuity between meetings - as does the partnership office which sources answers to problems.
Mutual support arrangements should be looked into as they can be drawn on when a significant breach occurs. These come into their own during the response when, for example, the corporate network and communications need to be taken down for a week or more, with consequent knock-on impacts. The pressure placed on ICT staff to fix the problem is enormous, and risks burning people out such that after 72 hours they become ineffective.
Taking a leaf out of the civil contingencies book, we would encourage groups of organisations with similar ICT architectures to agree to help each other. There are a variety of ways to do so, but the common factor has to be to do it before you have a problem, not when one is already occurring.
This article was first published in Local Leadership in a Cyber Society: Understanding the Challenges by the DCLG-led National Cyber Security Programme - Local and iNetwork.