UK cyber security centre promises to boost local government focus
The National Cyber Security Centre has committed to improving collaboration with councils and producing better guidance for local government.
Alison Whitney speaking at the Socitm annual conference in Milton Keynes yesterday - Photo credit: Rebecca Hill
Alison Whitney, the deputy director of digital services at the NCSC, yesterday acknowledged that until now cyber security work the government’s work on cyber security has focused on central government.
Addressing the Socitm annual conference for local government digital leaders in Milton Keynes, Whitney said that guidance was often written with Whitehall in mind and was not always accessible for other parts of government.
However, she said that the new centre – which was officially opened at the start of the month and aims to bring all aspects of government cyber security together – was trying to address this.
Whitney said that it was “really important” that the NCSC understands what local government needs, and that work was already being done to identify the pinch points for councils.
She said that the initial challenge was deciding where to start, noting that the NCSC had limited resources for the work and that it would not have been possible to develop one-to-one relationships with each local authority.
“We needed to look at how to maximise the impact we could have,” she said.
After a period of consultation and discussion, Whitney said the centre had decided to focus its work on local government associations, such as Socitm, the Society for Local Authority Chief Executives and the Local Government Association.
The centre’s staff – most of whom have been drawn from other government agencies – have also held a number of regional briefings over the past year with the Department for Communities and Local Government.
Whitney said this had helped the NCSC understand more about where it can improve its offering for local government.
Work will include further regional briefings with DCLG, more work with a major focus being on the guidance the centre will offer on cyber security.
“[Existing] guidance was nearly always written with central government in mind,” Whitney said. “We are trying to make it less obviously focused on central government users and offer more case studies about local government and other sectors.”
For instance, she said, they had this week published guidance on ransomware – a subject they “probably wouldn’t have touched” previously – because it has such a big effect on local government and the healthcare service.
“We went through and reviewed guidance to make it user agnostic,” Whitney said. “IT is IT is IT; in many instances, it doesn’t matter who you are or what you’re doing.”
Her comments are likely to go some way towards allaying concern that the NCSC was not engaging with local government enough and could end up letting it be the “weak link” in public sector cyber security.
Indeed, participants generally welcomed the NCSC’s efforts to engage with local government – especially on providing more relevant guidance – to date.
Whitney agreed, though, that more work was needed. “We realise we’ve only skimmed the surface of [understanding the problems local government faces], and need to do some further deep dives,” she said.
Cybersecurity agency issues report looking forward to coming dangers and back at year in which DDoS and ransomware hogged the headlines
Technology will allow officers to search smartphones under execution of warrant
Former senior civil servant Andrew Greenway looks at the reasons for both optimism and scepticism as the government embarks on another shared-services rollout
Nesta’s Flying High Challenge is working with five UK cities to explore the use of drones in the delivery of public services. PublicTechnology talks to programme manager Nishita...
BT brought together CIOs from well known organisations to identify the key threats and opportunities that new technologies are presenting
Hartley was a senior officer in the RAF and now works in cyber security for BT. Ahead of the BT Cyber Security Careers Insight, the Officers' Association asked him to...
BT's Andy Rowland on technological risk, and how the systems fundamental to modern life are under attack
BT's Mike Pannell on the different ways of anonymising information and their application to IoT data