In an increasingly globalised and digital world, vulnerabilities to potential cyber incidents proliferate; in the first half of 2021 alone, the volume of incidents increased 125%. Not only is the number of attacks increasing, but the impact of the attacks is also worsening; in the past year alone, data breach costs surged 10% to the highest-ever average recorded, and this rise is projected to continue as cyber attacks grow more sophisticated.
Local authorities in the UK are not spared from this trend. Attacks have left councils without basic IT functionality such as access to files, affected online services such as planning and benefits, limited social care provisions, and have inhibited basic daily operations of schools, emergency repairs and service causing devastating costs and delays. The burden of these attacks are often felt acutely by citizens, and the costs of repair continue to grow.
It is impossible to have a perfectly secure system, but plenty can be done to reduce the risk of cyber attacks to a manageable level. To help councils adapt their practices, the Local Government Association (LGA) has commissioned PUBLIC and Daintta to help support councils across the UK to increase the cyber resilience of their supply chain. As part of the project, we are conducting thorough user research and context-setting interviews to gauge current levels of activity and determine where the gaps are so councils can supplement and strengthen targeted and accessible cyber resilience training and resources for councils.
Over the next few months, we will conduct needs analysis, context-setting interviews, and evaluate user research to build targeted and impactful learning materials for the LGA, and ultimately help to inform and drive progress in reducing cyber vulnerability and ensuring resilience in the supply chain throughout the lifecycle of a procurement.
All of our materials are co-developed and informed by the cybersecurity expertise of our partner organisation Daintta, a boutique consultancy that provides technical and business consulting services to help clients untangle complex problems in cybersecurity. Daintta’s expertise and depth of knowledge of NCSC guidance critically informs and guides our content development.
Together, PUBLIC and Daintta both believe that enhancing cyber resilience will require councils to collaborate on long-term cultural, technical and digital infrastructure challenges to enhance security across councils.
Through this project, we seek to address the rising threat of cyber attacks by equipping councils with the necessary information to protect themselves. By engaging in thorough user research before developing our curriculum, we can help ensure that learning materials, guides, and webinars all provide councils with the most relevant safeguarding practices and current regulations for cyber security. Our work coupled with all of that which the LGA is already doing, will bolster a culture of resilience and better protect local councils against emergent threats.
—--
If you would like to learn more and be involved in the research, please contact Andrew Cole (andrew@public.io). We are particularly interested in speaking with local government IT, cyber security, commissioning and procurement practitioners and specialists.