The Local Government Association (LGA) is planning a new round of grant funding for councils and the development of an online self-assessment tool for them to monitor their progress in cyber security.
This follows last summer’s stocktake exercise, the results of which it published to members in January, that indicated that many English authorities still have work to do in building cyber resilience and taking steps to mitigate potential attacks.
Programme manager Siobhan Coughlan told UKAuthority that the LGA has allocated a first phase of funding, amounting to £1 million, to help local authorities deal with specific issues that were identified in the exercise.
It is now preparing a second phase of funding that will focus on these but also take in projects aimed at bringing together and strengthening partnerships between authorities to improve security.
“We are trying to encourage more councils to get involved in their WARP (regional Warning, Access and Reporting Points),” said Coughlan. “It’s where they can find support and guidance, discuss issues and get advice from other councils.”
A third phase of funding is expected to follow later in the year and is likely to focus on supporting collaborative projects.
The LGA is also working with a partner on the development on an online self-assessment tool – which will hopefully be available during the summer – to help councils assess their own cyber capabilities on an ongoing basis.
This is considered more feasible and will enable councils to review their arrangements when most appropriate for them, rather than repeat the stocktake exercise, which the LGA ran between June and September of last year and involved contacting all of England’s local authorities.
The majority of councils were rated as amber – on the red, amber, green scale – for their cyber arrangements. A small number were rated either red or green, and within the amber group there was an even spread.
Coughlan said that overall their provision for cyber security was good, but there were common shortcomings around training and awareness that need to be addressed.
“The general level of cyber awareness has gone up even in the past year,” she said. “We need to highlight the basics to everybody, create a culture of not being afraid to do things online but being cautious, so if in doubt don’t click on suspicious a link, and if you do so accidentally then report it and find help quickly.”
The LGA has provided a report to each council on its unique rating, urging those with red or amber-red ratings to take action urgently and provide support where it is needed.
The stocktake also found that, while the right leadership and governance is lacking in some councils, there are some strong partnerships in place to support cyber security such as WARPs.