March 4, 2022
March 4, 2022
Developing learning materials to embed cyber resilience into local government supply chains
Local governments face a variety of cybersecurity challenges in their supply chains, covering a wide range of spend categories and suppliers. Challenges faced by councils are growing more acute due to the increased focus on digital public and corporate services offered by councils, as well as the changing nature of cyber threats and general international climate.
This risk has already been felt directly by a number of councils. For example, the Redcar & Cleveland Council cyber attack in 2020 left about 135,000 people without online access to public services, and a later independent financial impact assessment estimated the cost of this single incident at £8.7m. This example was found to be a ransomware attack. Ransomware attacks, like many other cyber threats, can exploit vulnerabilities in both an organisation's IT systems, but also in that organisation's supply chain.
The ‘Embedding Cyber Resilience in Local Government Supply Chains’ project is run by PUBLIC on behalf of the Local Government Association (LGA), in partnership with Daintta, to explicitly address these concerns and proactively address vulnerabilities by embedding cyber resilience within local government supply chains.
The project aims to promote practical cyber security awareness and understanding of the risks that supply chains pose to local councils. Once understood, the project seeks to mitigate identified risks, establish control of councils’ supply chains, and drive a culture of secure procurement and cyber resilience. PUBLIC will provide guidance and tools to support local councils to ensure that their supply chains are resilient to emerging cyber threats.
With a variety of different council types, influenced by size, geographic location and levels of cybersecurity maturity, the first step in such a project is to understand the stakeholder landscape. In order for all materials produced to be as targeted and relevant as possible, PUBLIC is undergoing an in-depth user research process incorporating stakeholder interviews, focus groups, and survey data to inform the development of learning materials.
PUBLIC draws upon expertise from our in-house design, learning programmes, external affairs & communications teams to develop learning resources that are evidence-informed in their learning methodologies, and have rich, engaging content. Our best practices are being employed in conjunction with insights from user research to develop webinars, guides, and learning materials to promote cyber resilience.
As cyber attacks become more sophisticated and targeted, it has never been more important to ensure that councils are properly protected.The work that PUBLIC is doing for the LGA will make these resources available to over 339 different English and 22 Welsh councils.
This project is focused on achieving cultural change that enables professionals to make better security decisions. Bearing that goal in mind, content will be developed and delivered with accessibility and access at the forefront so that it is valuable to everyone across levels of cybersecurity maturity and understanding.