When local authorities search for ways to improve their cybersecurity, they should recognise that their organisation is a prime target for cyberattacks. We’ve seeing sophisticated attacks on councils and other public bodies throughout the country at an increasing rate over the past few years. In 2020, more than 700 breaches affecting local authorities were recorded.
Local authorities hold personal and financial information that cybercriminals would love to get their hands on.
Names, addresses, passwords, email addresses, financial information and history, electoral and council tax details… the list goes on. Recent trends also show organised gangs and hostile foreign states simultaneously targeting multiple councils in the UK in a broader ‘asymmetric attack’ on the Government.
As you can imagine, it’s imperative for public sector organisations to protect all this as thoroughly as possible. This blog post will explain what local authorities can do to improve their cybersecurity and see off the vast majority of cyberattacks.
Building a secure cyber strategy
When it comes to improving their cybersecurity, local authorities must build the right strategy, based on their people, processes and technology.
Balancing each component is essential to identify risks and mitigate them with the right tools, training and organisational culture.
Employees create some of the biggest risks to cybersecurity for organisations of all sizes. However, if they have the right level of training and awareness, they can provide an effective first line of defence. So, equipping them with the right knowledge about ICT security and potential threats, and creating a safety-first mindset which encourages them to keep their devices secure and report any incidents swiftly, is key to creating a robust cybersecurity culture.
This is a critical point. Most organisations have strong defences where they interact with the public internet, including web and email filtering. However, these are still vulnerable to emerging threats –known as ‘zero day attacks’ – which haven’t been patched. This means your staff are the only form of defence against zero day attacks. Ignore them, and you’ve got hundreds – or even thousands – of open doors into the organisation, from people clicking links on malicious website or emails without understanding what they are doing. So, providing regular engaging, interesting and different education on the latest cyber threats will help your people become an effective barrier.
Your local authority’s processes are also vital when implementing of an effective cybersecurity strategy. Well thought out security policies, which are regularly (annual, as a minimum) monitored and improved, can help prevent and detect threats and define how your organisation can better mitigate its cyber risk.
And technology plays a fundamental role in effective cybersecurity. Deploying the right tools and technologies to layer your organisation’s defences will keep you safe from most common threats and reduce the impact of a cyberattack.
Some of the other things your organisation should consider include:
Use up to date firewalls, VPNs, and other cybersecurity software
Firewalls, VPNs, and the many other types of cybersecurity software out there can be used to significantly block any infiltration into your systems.
Use firewalls to block inbound threats and limit /control outbound traffic.
And ensure you are presenting your users a filtered experience so far as internet access and email goes.
While these are crucial for office staff, don’t forget your work from home/hybrid employees, contractors, and volunteers. Particularly since the long days of Covid-19 lockdowns, we’ve seen a significant proportion of home workers. If they have access to your local authority’s network from home, it’s a potential weakness. Ensure they have (and are forced to use) cybersecurity software.
Ensure remote and home workers are accessing your work environment and applications using either a VPN or ZTNA solution.
For more information, please don’t hesitate to contact us (details at the bottom of the page). Our team will be glad to explain the risks and potential measures you could take in more detail than we have time for here. As always, we’re always happy to chat completely commitment-free.
Passwords
Passwords might feel like an outdated aspect of cybersecurity. Still, local authorities should focus on these simple areas to begin improving. A shocking number of people still use easy-to-guess passwords like ‘password’ or ‘123456’.
It’ll take criminals less than a second to break into these accounts. Once they have access, they may well be able to infiltrate your entire network, including distributed denial of service (DDoS) attacks, listening bugs and other malware.
Most public authorities use Active Directory to control how passwords are made up – because of their code of connection requirements for the legacy PSN, they are likely to be a minimum length constraint and a complexity requirement.
Forcing regular password changes is now considered to be bad practice.
Instead, organisations should be monitoring for unusual login attempts, multiple failed attempts, and abnormal user behaviour and using these to trigger account locks.
Other considerations include ensuring all applications are using single sign on either via OAUTH or AD Federation (e.g. via Azure AD) and ensuring that a password manager (not the browser one) is available to the users if there are applications that don’t support SSO.
Multi-factor authentication
Multi-factor authentication is when a website or application requires two or more ways they can verify a user’s identity before they log in. It means that even if their password leaks, the account should still be secure.
A few different multi-factor authentication methods exist. The most common are to use texts, phone calls, emails, or authenticator apps to send a message to the recipient’s phone or computer.
It’s a relatively simple concept but makes a cyberattack much more difficult and helps protect your organisation from harm. Ensure an appropriately useable two-factor authentication method is set up for all your staff. Older employees, for example, might prefer a phone call over an app. Check out our blog about balancing cybersecurity with user convenience for more information on this subject.
How can AMDH Services Ltd help local authorities improve their cybersecurity?
At AMDH Services Ltd, we believe in providing the best cybersecurity services at the lowest costs. Our highly trained and experienced team members are invested in looking after or assisting your organisation’s protective measures.
We have plenty of work history with local authorities around the Midlands. This means we’re fully in tune with the cybersecurity aspects you’ll be considering. That said, we’ll still take the time to get to know you, your staff, and your system so we can provide a tailored service designed specifically to protect you, your workers, and your constituents.
For more information about our cybersecurity services, please follow this link. If you still have any questions, why not contact us for an obligation-free chat? You can reach us at info@amdhservicesltd.com or on 01332 322 588 if you prefer the phone.
We look forward to hearing from you and getting started on our journey together.
