BUSINESS MODEL INSIGHTS: DEVELOP CYBER MATURITY
Building resilience within local government
A ransomware attack on a UK local government authority in early 2020, which significantly disrupted its ability to maintain operations, brought into sharp focus the risk posed by cyber criminals and other malicious actors. This event raised concerns that comparable organisations within the public sector may also be similarly vulnerable and the importance of maintaining citizen services and operational resilience. In response a central government sponsored 14-week remediation programme was initiated to rapidly establish the risk position in 28 organisations thought to be at the greatest risk of ransomware, and to make practical interventions to reduce the specific risks identified. The objectives were: • Reduce vulnerability of backups to ransomware attack • Reduce the susceptibility of organisations to ransomware attacks • Improve the longer-term resilience of each organisation An initial view of the risk in key areas was established through a targeted questionnaire and workshops, with a programme of accelerated security improvement and remediation work initiated to quickly reduce risk across all organisations.
A collaborative approach The pace of the programme required a high degree of integration and collaboration across the broad stakeholder group, working with multiple independent organisations each with different priorities. The joint programme between the local authorities, Ministry of Housing, Communities and Local Government, Cabinet Office and our team of NCC Group experts coupled with the broader stakeholders required a highly transparent and flexible operating model to succeed. A baseline of vulnerability exposure and security posture was established through a facilitated, self-assessment approach via a workshop. This provided an indication of the risk present in each estate; however, in most cases, a cyber threat actor emulation was required to truly understand security posture. The delivery of risk prioritised remediation at this scale was only achievable through a modular approach that delivered essential solutions to the organisations that needed them. The modules are continually updated based on the latest technology and threat information and cover key security and resilience themes. This approach allowed consistency of delivery at scale for common risks, while enabling a more flexible approach to unique risks where required. Outcomes The programme quantifiably reduced the risk of the ransomware threat across many organisations critical to the UK government’s Covid-19 response: • All critical and high risks identified in relation to both the vulnerability of backups to ransomware and the broader susceptibility to ransomware were reduced to a controllable level • All organisations received a long-term security improvement plan detailing residual risk and recommendations for continuous improvement • 221 remediation modules were delivered across all organisations using multi-disciplinary teams of cyber consultants and engineers
24
NCC Group plc — Annual report and accounts for the year ended 31 May 2021
Made with FlippingBook Converter PDF to HTML5