Not even COVID-19 could put a halt to the successful creation of the country’s newest unitary council and all the hard work and ICT planning carried out in the run up.
Buckinghamshire Council launched on 1 April, replacing the county and four district councils with a single, new unitary authority. ICT staff from all councils had been delivering a complex programme of work over the past year to ensure a smooth transition to the new authority, but the pandemic added unique challenges in the final lead up to launch day.
The hard work of ICT staff prior to the pandemic meant that not only did we ensure a smooth transition, but we were also in a strong position to adapt quickly and continue to provide all those essential services to the public. At the same time as completing complex projects like implementing a new single email system for the new council and linking together our legacy networks, we also enabled and equipped more than 3,000 members of staff to work from home within days.
This huge shift away from working in an office environment naturally opens up greater cyber security risks, particularly through the use of personal devices. At the same time, as cyber-attacks become more prolific and sophisticated and cyber criminals exploit gaps and vulnerabilities, the public sector as a whole, including local authorities, is most definitely one of their targets and we need to respond quickly and effectively.
The rising cost of breaches, potential damage to reputation and loss of trust by residents and businesses alike, together with the need to work closely with partner organisations such as the Department for Work and Pensions and NHS – and increased regulation and compliance requirements – all demonstrate the critical importance of maintaining a strong security posture.
Prior to becoming a unitary and before the outbreak, our IT team had already recognised the fact that, like most public sector organisations, we took a traditional approach to cyber security that was essentially reactive. The tools available to us simply buried us in a world of thousands of alerts and event notifications, most of them often innocuous with no security impact.
However, buried in this complex environment would be the alerts that are critical. We lacked the technical capability and the resource capacity to fully comprehend, identify, categorise and respond at pace to what is an ever more complex world of threats. It soon became clear to us that to become proactive in managing risk we needed to complement our in-house capability with an external partner specialising in cyber security, giving as access to wider industry knowledge from cyber security experts.
Following a competitive process for a managed security service, we selected Hytec as our cyber partner. They are now monitoring our five legacy networks on a 24/7 basis, with more than 100 million events in an average month across the entire organisation. They are able to filter out 98%, only notifying our in-house team when they identify a potential threat. This allows us to deal with issues before they escalate into major problems, a recent example being a phishing exploit that was identified and fully rectified within 30 minutes. At the same time, having a partner filtering the majority of alerts across our environment frees up valuable time for our busy in-house IT team.
Integrating the managed security service into the overall operation of the new council has been a relatively smooth transition during a busy and challenging time. The partnership with Hytec has led to a virtual team, comprising of both their staff and our IT team, capable of better protecting our services, staff, systems, data and community from the ever-increasing cyber threats.
As National Cyber Security Centre guidance states, the risk is never zero, but the key is to take actions to reduce the risk as much as possible. Our move from a reactive to a proactive service is helping us achieve that.
Tony Ellis is chief information officer at Buckinghamshire Council
