As new cyber threats emerge, public authorities need to be prepared for continual change in how they respond
It has become something of a mantra – which should be taken seriously – that there is a continuous evolution in the nature of cyber threats and the landscape in which they emerge.
Technology is constantly evolving and the increasing number of connections between systems is creating more points of vulnerability. Public authorities, especially those that need to work with a wide range of partners through digital systems, have to spread their defences as wide as any organisations in resisting the threats.
It was one of the prominent issues at UKAuthority’s recent Cyber4Good conference, where the presentations and discussions emphasised the widening source of threats, and the fact that public authorities are prime targets, both for criminal exploitation and to destabilise communities.
Public authorities have been preparing for cyber attacks for decades, but they are having to look forward and be ready to respond to attacks that are currently difficult to envisage. Creating the conditions for an evolution of protection and response is as important as the defences currently in place.
A series of lessons emerged from the event, including that the level of security risk is not constant, and that the probes on an organisation’s defences will go through troughs and spikes. Also, as ICT systems change so do their vulnerabilities, and it is necessary to keep an eye on these changes.
Understanding assets
There is also a need for a clear understanding of all of an authority’s IT assets, how they are configured and connect to each other, and review this as any changes are made.
In the event of an attack there is a need to act immediately, shutting down systems if necessary without asking permission. And the capability has to be in place to contact a source of support, such as supplier contacts and the NCSC, quickly.
Several other lessons were put forward at the event, along with perspectives on how the landscape is changing and details on some of the support and further sources of advice that are available.
There is plenty out there, but there is a feeling that organisations are looking for support specific to their sector, and the best way of finding this is by becoming involved with the specialist operations and groups – such as warning, advice and reporting points and the cyber communities within sectors such as local government and policing – to keep up with the emerging threats and responses.
The landscape is going to change, with new threats continually emerging, which means organisations’ responses will also have to change.
The full briefing paper on the Cyber4Good conference includes examples of major cyber attacks, details on some of the support schemes and a series of perspectives on protecting against threats. It can be downloaded from here.
ADD LINK