Thank you to all our members and friends for your continued good work. While it may not always be recognised or acknowledged, it is our work that continues to make a real difference for people and communities.
We have received a lot of messages about the challenges posed by mass home working. Not least the concerns this raises about cyber security.
We don’t want to be firefighting but each of us is daily.
All too frequently, we are finding ourselves dealing with a second issue while the first remains unresolved. During the coronavirus pandemic the risk of cyber outage (malicious or otherwise) is especially fraught.
The consequences include system failure or malfunction, the loss of remote access to key systems and an immediate loss of frontline health and care services at the worst possible time.
Because this is untested territory, we are really keen to get your feedback on how these problems are being resolved and mitigated. While time is of the essence, we’d be extremely grateful to hear how your team is tackling the unique cyber security problems associated with this crisis.
We have drawn together a list of the key mitigating actions to be taken when multiple people are working from home. This horrendous situation will shape and change how local government works in future. Therefore, we would welcome your comments and additions to this list. If you are able to contribute, please do so by emailing – including the relevant heading and subheading – in this group. Have you undertaken any of the steps below? Have you encountered additional challenges? Do you have any further actions to help local government fend off the threat of cyber outage?
Discussion among you all would also prove invaluable. We hope to produce a set of resources, based on this information, with a view to developing a definitive guide for future use.
- up to date patching, AV etc.
- sign up to NCSC‘s free Active Cyber Defence and CNR services
- ensure you have offline backups
Alerts and Communications
- check you’ve registered a shared IT security mailbox and out of hours contact number with NCSC (the number can be your organisation’s resilience team, for example)
- register the same mail address (or your IT service desk) with NEGWARP
- ensure all security team members are members of CiSP
- check CiSP regularly (https://share.cisp.org.uk/news?channel=discovery and https://share.cisp.org.uk/news?channel=discovery might be particularly useful)
- NCSC encourages setting up a CiSP group for each organisation so it’s ready in case of a major incident (perhaps someone can shed more light on this one?)
- increase your monitoring
- our reporting guidance is at https://neict.org/isnortheast/cyber-attack-reporting-guidance/
- remember YOU can raise an alert within the WARP by mailing email@example.com
- staff education re heightened levels of coronavirus-related phishing
- have a look at NCSC‘s “Exercise in a Box” phishing exercise
- ensure an IT Business Continuity Plan is in place that accounts for key staff (security and otherwise) being unavailable and contains details of mitigation / failover solutions (your organisation may have this content in an IT Disaster Recovery Plan)
- have offline copies of that Business Continuity Plan (your organisation may have this content in an IT Disaster Recovery Plan).
It is short notice, but if you are able to respond firstname.lastname@example.org by 5pm on Monday 30 March it would be so very much appreciated.
Stay well everyone and thank you.