1. Cyber Resilience: Is it a case of preparing for the inevitable?
Stephen Baker
Chief Executive
Suffolk Coastal & Waveney District Councils
[SOLACE spokesperson on Emergency Planning and Cyber Resilience]

2. “…the thing is, it’s probably inevitable that your organisation will suffer some breach, some attack, at some point. Of course, do all you can you prevent it, but also prepare for when it happens…”

3. What is the threat? Where will it come from?
What will it do to my systems, my organisation, my services?
What shape or profile will it have, and what will it seek to achieve?

4. What has happened elsewhere?
Several local authorities have suffered attacks
Loss of access [for days]
Loss of data and historical files [forever?]
Impact on services
Impact on staff
What can I learn from these?
There will be breaches we’re not told about

5. What is the risk? Understand the risk: Responding to the risk
issue of scale
visibility (different to other threats)
recognising change when it happens
Responding to the risk
Rationalising the threat [am I a target?]
Complexity of local systems
Vulnerability:
understanding ‘why they do it’
our services and users

7. Environmental Management Electoral Registration
Homeless
Housing Options
NLPG
Grants
HR / Payroll
Building Control
Planning
Housing
Online self service
Eco Dev & Regen
Land Charges
EDMS
Corporate Website
Intranet
CRM
Payments Portal
Legal CMS
Asset Management
Environmental Management
Licensing
Electoral Registration
Coastal Management
Environmental Health
Digital Mapping
Committee Admin
Revs and Bens
Auto Cad
Business Analytics
Corporate Finance

8. Can I prevent it? Technical Response Organisational response
Management response
Leadership response

9. Response Constraints Other priorities, immediate pressures …
Skills, knowledge and experience
Lack of understanding/awareness
Complexity [partnerships/systems/users]
Difficult to quantify the risk
Reticence to quantify the impact
“Alarm avoidance” (denial!)
“Someone else’s issue” (usually ICT!)
Political interface

10. What would the impact be?
Immediate disruption to the organisation, services, customer/resident
Financial cost
Service development and strategic planning
Loss of confidence
impact on digitisation, both implementation and ambition
mindful of user demographic
Reputational damage
Political dimension

11. Impact: can we apply a time line?
Loss of Confidence
Reputation / corporate memory
Political
Political
Political
Impact
Impact on Digitalisation
Service Disruption
Strategic Planning
Service Development
Immediate Long Term

12. Impact: why would anyone do it?
Cause disruption to IT systems
Financial gain/personal gain
Kudos – ‘because I can’
Curiosity – ‘can I?’
Access to s between staff …
… or access to s between Leader and Deputy Leader?
None of the above

13. Support System NCSC MHCLG Cabinet Office LGA SOLACE SOCITM LRFs
Mutual Aid
Suppliers and Partners

14. Communities and Stakeholders
The provider/customer and user relationship
Features of an effective digitised service:
Security / Accessibility / Transparency ….
Community leadership - provision of advice and guidance - how far should support go?
Stakeholders:
Shared systems
Confidence (works both ways)

15. Do an exercise … test your team
A plea to colleagues
Do an exercise … test your team

16. Management Response Take responsibility Recognise the risk
Access the skills necessary for adequate defence [ICT, business continuity etc]
Train and educate – raise awareness
Delegate, but not abdicate
“Get real”

17. Leadership Response Officer role Political role
A sustained strategic response
Mutual support across agencies/councils etc
A common, albeit unknown, enemy
Where does the buck stop?

18. Conclusion Do what we can to reduce our vulnerability
Prepare as best we can in case it happens
….let’s hope it’s not inevitable…!