Taking action to minimise security risk and instil public confidence and trust
The guidance and resources on this page are designed to help councils with ensuring cyber security risk is minimised, and they are as resilient to cyber attacks as possible, across networks, infrastructure and services – from the moment of first implementation to decommission.
Resources and support
- Cyber security: 10 questions for a councillor (and any layperson) to ask - a list of 10 questions that you can use to better understand cyber security arrangements and how risk is being managed within your council.
- Embedding cyber resilience in local government supply chains - the LGA has worked with PUBLIC and cyber security partner DAINTTA to develop online guidance to help councils embed greater cyber resilience in their procurement processes and supply chains.
- Digital Pathfinders Programme - a programme designed to support councils seeking to innovate and develop pioneering initiatives to advance digital inclusion, digital connectivity, and cyber security.
-
Maximising security and compliance features from Microsoft 365 E3 license - Tips on maximising existing cyber security features from our free webinar with Microsoft on Tuesday 15 November 2022.
-
Maximising security and compliance features from Microsoft 365 E5 license - Tips on maximising existing cyber security features from our free webinar with Microsoft on Tuesday 22 November 2022.
Publications
- 10 Questions on Cyber Security - a guide for councillors sitting on scrutiny committees and the officers who support them to understand how the council’s scrutiny function can review policies, practices and procedures relating to cyber security. It is also useful for cyber security professionals working in local government.
- A councillor’s guide to cyber security - a guide to types of cyber threat, what councils can do to protect and react, and key questions to ask
Case studies
- Safer Cyber – Tackling online harms in Durham
-
Faced with an increase in online crime and harm across a range of themes including extremism, the Safe Durham Partnership chose to adopt ‘Tackling and Preventing Cyber Enabled Crime’ as one of their six partnership priorities.
- Digital Discharge to Assess
-
The aims of the SCDIA Digital Discharge to Assess project were to develop a cloud-based case management system that did not depend on a single IT partner or supplier; allow users (with appropriate permissions) to capture, update, track, and report on data about a person’s journey through the Discharge to Assess process; create a ‘single version of the truth’, with a raft of associated patient benefits and service efficiencies.
- Copeland Borough Council: managing a cyber attack
-
During the August bank holiday in 2017, Copeland Borough Council was hit by a zero-day ransomware cyber attack.
- London Borough of Bexley - Addressing cyber security gaps in a heightened risk environment
-
Never has the work of councils been so vital to the most vulnerable in our society, and never have the digital communications and services that councils’ use been so critical to their efforts. Yet even at this busy time it’s worth remembering that cyber threats have not gone anywhere, and many criminals will see the COVID-19 crisis as an opportunity to extort ransoms. This fact – when combined with the increase in vulnerabilities that distance working and new partnerships bring, and our increased reliance on digital services – means that the risk associated with a cyber incident is greater than ever. The London Borough of Bexley provides an insight into the cyber security gaps which led them to seek a major change of strategy, and how the team overcame these challenges and significantly raised its level of cyber security.
