President's Conference is now sold out! Thanks so much everyone. We'll see you in Birmingham.
Magazine |

In Our View, issue 43

How to prepare for local government reorganisation

Authors and contributors: SA Mathieson, Carol Williams, David Ogden, Mark Brett, Kevin Taylor
Download In Our View, issue 43 as PDF document

    Socitm In Our View, issue 43

    Local government reorganisation (LGR) is the key topic in this issue of Socitm’s membership magazine, produced for the June 2025 President’s Conference in Birmingham. A survivor’s guide to LGR, the main feature, includes interviews with Helen Blake of Westmorland and Furness Council and Craig Wilkins of Somerset Council, who went through council reorganisations in 2023. The magazine also includes coverage of the Information Security for London (ISfL) annual conference in March and the Socitm Midlands event in April. The Personal view is by Kevin Taylor of Suffolk County Council and a Socitm vice-president.

    Jump to section

    President’s welcome: Explore beyond borders to find the best insights

    Carol Williams
    Carol Williams, Socitm president

    Welcome to In Our View magazine and for those here in Birmingham our 2025 President’s Conference. As one of my final duties as this year’s President, I will be chairing the first day and handing over to Kurt Frary, our incoming president, at our annual general meeting.

    Our conference theme is ‘Beyond borders’, which is appropriate given the next three years will see local authority borders redrawn across much of England. The next round of local government reorganisation looks likely to see more than 200 county, lower-tier and unitary authorities replaced by a much smaller number of unitaries. This issue includes insights from Helen Blake and Craig Wilkins, veterans of the reorganisations of Cumbria and Somerset in April 2023. They discuss the importance of getting your house in order as early as you can, as well as how related work is likely to continue for several years after the day itself.

    I am also thrilled to welcome to this year’s conference colleagues from organisations similar to Socitm from around the world. We are hosting the annual general meeting of LOLA (Linked Organisations Local Authorities) alongside our conference. This means that we have an even greater opportunity to explore beyond boundaries through conversations and insights into the innovation, transformation and modernisation work happening within the public sector in Australia, Belgium, Canada, the Netherlands, New Zealand, Sweden and the United States.

    This issue’s Personal view is by our newest vice-president Kevin Taylor, a keen sailor who has tacked between the public and private sectors before dropping anchor in Suffolk’s local government. There are also reports from two events, the Information Security for London annual conference in March and the Socitm Midlands event in April, as well as digests of a guide to cyber security and Socitm benchmarking case studies.

    Next year’s conference will celebrate Socitm’s 40th birthday and we are inviting members to share their memories, milestones and photos. For now, we have the last conference of our society’s thirties to enjoy and to inspire us. For those joining us in Birmingham this year, I sincerely hope you get the most out of what is shaping up to be a super successful event.

    Carol Williams
    Socitm president

    News: Use AI but do so responsibly, ICO tells infosecurity event

    The Information Commissioner’s Office (ICO) expects organisations to understand and manage privacy risks involved in artificial intelligence (AI) but does not want to frustrate its use, its principal cyber specialist Heather Toomey told the Information Security for London (ISfL) annual conference on 6 March.
    “The ICO does not and has never prevented innovation,” Toomey said. Instead, it wants AI projects to be undertaken responsibly with guardrails to protect individuals and it is reasonable for organisations to take some risks: “If you have looked at a particular solution and have assessed the benefit to your organisation still outweighs the risks, that’s OK,” she said, although organisations should document this process and mitigate these risks as is possible.

    She said the ICO will take enforcement action against organisations that behave recklessly with personal information but will generally work on improvements with those can explain why they have undertaken a particular course of action. “It doesn’t mean there’s a ‘no, you may never’. It’s always a ‘how’,” she added.

    Toomey said that good AI policies include examples of good practice, including AI tools that are suitable for specific purposes and types of data, as well as what is not allowed. This can help in tackling ‘shadow AI’, the unsanctioned use of AI services by staff, on which organisations need to find out what their users are doing to assess and mitigate risks.

    “The ICO does not and has never prevented innovation”

    Heather Toomey, ICO

    Two local government security specialists discussed shadow AI in a later session, saying that some council staff have used unmanaged AI services to attend and record virtual meetings on their behalf as well as in one case summarising more than 20 social care reports on individuals using ChatGPT.

    Peter Douglas, chair of ISfL and security compliance manager for the London Borough of Haringey and Ranisha Dhamu, chair of Information Governance for London (IGfL) and cyber and compliance manager of Shared Technology Services, said such tasks could could be undertaken with AI software managed by their organisations that includes guards on personal information. “Is AI the problem or are users the problem? That comes down to how it is developed and deployed and used,” said Douglas.

    Never say ‘a computer can never’ again

    • Event chair Colin Williams encouraged delegates to consider “agency in systems that do things” rather than artificial intelligence, to prepare for a future where non-human agents will increasingly replace people in cognitive tasks. “Arguments that are based on ‘a computer can never’ are not going to survive,” he said in his introduction to the event.
    • Danny Furnivall, who works for the Ministry of Justice and spoke in a personal capacity, demonstrated how security rules built into large language models (LLM) can be bypassed with ‘prompt injection attacks’. “Every LLM is vulnerable to this. Every application that is using the output of an LLM in any way is vulnerable to this,” he said.
    • Socitm associate director Dr Mark Brett said that security specialists must keep updating their knowledge, adding: “If you don’t want to keep learning and stay curious, don’t get into cyber because it needs lifelong learning.” The Cyber@Socitm section of Socitm’s website now includes specialist advice, including on securing specific local government departments (see Research view).

    News: Birmingham Foundry aims for savings through agility

    Birmingham City Council has saved more than £300,000 by setting up a new team that supports digital transformation, the council’s head of product told the Socitm Midlands event in the city on 7 April. Kat Sexton said that Birmingham Foundry aims to complete projects that support services in weeks rather than the months or years that were previously the norm. Since its foundation in April 2024 it has typically delivered projects in 11 weeks, although she said the aim is six to eight weeks. Service departments are asking it for support, whereas previously they might reject plans from the technology function.

    Birmingham canal district, by barynz on Flickr
    Birmingham canal district. Source: barynz on Flickr

    The service uses rapid reviews and has cancelled work that is not delivering benefits. Sexton said the team has avoided adopting agile development, preferring to do whatever works: “We think that’s an agile mindset and we try to use some agile tooling. But we are not forcing agile down people’s throats because it just seems, time and time again, it doesn’t work and people revolt.”

    Birmingham Foundry has used artificial intelligence in some of its work, including automated translations using Microsoft’s Azure OpenAI translation service. This project, which took about six weeks to set up, can translate text held within documents then republish them in the same file type.

    Sexton said the city council has been spending £350,000 annually on translations and the project initially hoped to cut to nearly zero but has found that human translators are required for some face-to-face work and remain a better choice for some complex, technical and legal jobs. The team has also developed an automated process for redacting documents which has helped reduce a backlog which risked the council being fined by regulators.

    Birmingham Foundry has worked closely with Birmingham City University, including inviting students to contribute to real projects and holding events in the university’s buildings. The project has also hired two of the university’s students, although one has since left.

    “We are not forcing agile down people’s throats because it just seems, time and time again, it doesn’t work”

    Kat Sexton, Birmingham City Council

    Sexton said that the city set up Birmingham Foundry to help improve service delivery, at a time when its financial problems mean it is having to reduce spending and tackle severe problems including an ongoing strike by refuse collectors. “We didn’t want it all to be about cuts and slashing and burning,” she said, although the team has realised savings by cutting spending with agency staff.

    “We are trying to innovate and transform to come out of this a better, more sustainable, more digitally enabled transformational council that can turn things around and not just slash,” she said.

    News: 48% of post-Act ICT-linked tenders marked as SME suitable

    Public bodies have categorised nearly half of the tenders that include ICT and have been published since the Procurement Act 2003 came into force as suitable for smaller businesses.

    The government’s Find a Tender portal has published 217 tender notices including codes relating to ICT in the 10 weeks since the act came into force on 24 February. Of these, buyers tagged 104 (48%) as being particularly suitable for small and medium sized enterprises (SMEs). This is a slightly lower level that the proportion for all tenders, with 53% marked as suitable for SMEs.

    Buyers tagged only 35 (16%) of tenders with ICT codes as suitable for voluntary, community and social enterprises (VCSEs), compared with 24% of all public tenders published during this period.

    Public bodies tender to smaller suppliers. Suitable for SMEs: ICT-related - 48%. All - 53%. Suitable for VCSEs: ICT-related - 16%. All - 24%.
    Source: 2,080 tenders published on GOV.UK Find a Tender, 24 February-4 May 2025. The 217 ICT-related tenders include a CPV code starting with 30 (office and computing machinery), 32 (telecoms), 48 (software) or 72 (IT services). For some, technology goods and services will make up a small part of the value.

    The Procurement Act 2023 aims to help SMEs and VCSEs bid for public sector work, including by simplifying the bidding process and placing a duty on contracting bodies to consider how to overcome barriers faced by smaller suppliers, as well as enhancing existing requirements for bodies to consider social value, or non-financial benefits. The government enhanced its existing Find a Tender service on GOV.UK, which previously covered larger tenders, to turn it into a central site for procurement.

    The 217 ICT-related tenders included one from Lancashire County Council for a ‘residential digital front door platform’ designed to support residents interacting with the council across a range of channels and worth £4.3 million including VAT. The county marked this as suitable for SMEs but not VCSEs and included a 10% weight for social value in the award criteria, compared with 30% for price. The council is using Social Value Portal, a London-based company, to assess this aspect.

    The sample also included a tender from the Tees Valley Combined Authority to install, maintain and operate a private 5G network at Teesside International Airport, worth £480,000 including VAT. The authority tagged this as being suitable for SMEs although not VCSEs and gave social value a 20% weight in the award criteria, the same as price.

    Wigan Council marked its tender for a child health engagement coordination service, worth £50,000 including VAT, as suitable for both SMEs and VCSEs. The work supports a listening exercise which will require some IT services, hence its inclusion in the sample, but technology is not the main focus. Wigan will consider social value as part of wider criteria on quality, worth 50% of the award weight with price making up the other half.

    Separate research by analyst Tussell found a spike in the publication of procurement notices by public bodies shortly before the Procurement Act came into force on 24 February, followed by a far fewer than usual in late February and early March.

    News: Nations and regions

    Based on stories featured in Socitm’s online digest of local public service news from Scotland, Wales, Northern Ireland, the Republic of Ireland and the nine regions of England

    Nations and regions news map UK illustration

    River Severn Partnership uses mobile infrastructure to monitor rainfall

    The River Severn Partnership Advanced Wireless Innovation Region, which is run by Shropshire Council with UK government funding and covers eight English and Welsh councils, is using Vodafone’s network infrastructure to monitor rainfall through changes in signal strength. This uses microwave links between masts as virtual rain gauges, improving ‘nowcasting’ or short-range forecasting of rainfall to support flood protection work.

    Hertfordshire County Council has been trialling laser technology mounted on the roof rack of a vehicle which is designed to spot areas of road with cracks or weaknesses that could benefit from preventative road maintenance work. The system, Robotiz3d’s Arres Eye, collects data on defect dimensions, location and severity level, with the council planning to survey a trial route multiple times over several months to look for changes.

    Argyll and Bute Council has used drones for a range of applications including vegetation management and delivering school meals and medication. It has run pilots of the technology with UK government funding, linked to plans for an advanced air mobility hub at Oban airport.

    Councils use AI for chatbots, translations and social work

    Several councils across the UK and Ireland have announced new initiatives involving artificial intelligence (AI). Thurrock Council launched an AI-based, voice-activated chatbot, initially to answer questions from callers about council tax. Derby City Council upgraded its online chatbot Darcie to answer more complex questions using generative AI including enquiries on adult social care, in English and the city’s nine next most common languages, and Derbyshire County Council has introduced a service providing automated translations of material on its website.

    Hillingdon Council has launched an AI-based customer service system which can deal with web and telephone queries in multiple languages, while Cllr Peter Mason, the leader of neighbouring Ealing Council, has said that use of an AI system is saving social workers 40% of their time by recording and summarising conversations with service users. Meanwhile, Dublin City Council has opened a local government generative AI lab with Trinity College Dublin and the ADAPT Research Ireland Centre to investigate how councils can use the technology.

    Bolton’s coroners service introduces digital autopsies

    The Manchester West coroners service, which is led by Bolton Council and also serves Salford, Wigan and Leigh, hopes to replace three-quarters of physical autopsies with non-invasive digital equivalents through the use of new radiography equipment at Royal Bolton Hospital. This uses scans of internal organs and tissues to generate reports for pathologists, meaning that in many cases autopsies can be carried out in hours rather than days without an invasive post mortem.

    Essex County Council, Southend City Council, Thurrock Council, local NHS organisations and social care providers have launched the Mid and South Essex shared care record service. It allows health and care professionals to access key information on people’s health history, allergies and medication, which can be lifesaving in emergencies.

    Monmouthshire County Council is using assistive and smart technology to help people with restricted mobility to continue to live in their own homes, including by fitting lights and automated voice-controlled ‘smart curtains’ controlled by smart speakers, the latter designed to avoid the risk of a fall.

    Main feature: A survivor’s guide to LGR

    The current wave of English local government reorganisation will have a big impact on those working for affected local authorities according to two veterans of the previous round, writes SA Mathieson

    Illustration of a jigsaw puzzle showing the complexity of the LGR transformation process

    On 1 April 2023, the UK cast 55,000 Britons out of Eden. The district council named after Cumbria’s Eden river was one of 20 county, borough, city and district authorities that 2023’s local government reorganisation (LGR) replaced with four unitary councils, although two of them had identical borders and almost identical names to the county councils they replaced.

    Somerset County Council and its districts Mendip, Sedgemoor, Somerset West and Taunton – itself the result of a 2019 merger – and South Somerset became Somerset Council. North Yorkshire County Council and Craven, Hambleton, Harrogate, Richmondshire, Ryedale, Scarborough and Selby district councils combined as North Yorkshire Council. Cumbria County Council and its districts were split into Cumberland Council, which took over the areas previously served by Allerdale, Carlisle City and Copeland councils, and Westmorland and Furness Council covering the former areas of Barrow-in-Furness, Eden and South Lakeland councils.

    In 2023, LGR affected more than 1.7 million people in three English counties. While significant, this will be overshadowed by the government’s new LGR programme to convert all 21 remaining two-tier county council areas in England into unitaries. Local government minister Jim McMahon asked councils in the targeted areas for interim responses by March, which will be followed by detailed plans by 28 November. After that the government will decide which options go ahead and most of these areas will be served by new unitary councils from 1 April 2028, known as ‘vesting day’, although Surrey may make this change a year earlier.

    LGR will particularly affect those who work at the 200-plus local authorities which will be scrapped in their current forms. The process could take up months or even years of their working lives, many will find themselves in new roles, and a few (mostly senior) will find themselves out of a job. According to two of those who went through 2023’s reorganisation, the process may be disruptive, stressful, upsetting and also rewarding. And while the shapes of new authorities are yet to be undecided, they both believe it makes sense to start working on LGR now.

    Good housekeeping

    Helen Blake used to run libraries, archives, corporate policy and scrutiny and refugee resettlement for Cumbria County Council. Like most staff she was allocated a job in one of the successor authorities, with those affected able to state a preference between the two. She then successfully applied for a promotion to be Westmorland and Furness Council’s assistant director for customer and digital.

    “If there is any housekeeping you can do now before decisions are made around what the geographies are, then get your house in order,” Blake advises, including collecting or updating baseline information on operations and staffing. “You will need to start explaining your services to colleagues you haven’t worked with previously.” She adds that this works both ways, and you are also likely to look at how other people have run something. “You spend a lot of time taking the lid off things and saying oh, I wasn’t expecting that or have done it that way. But you need to remember everyone has been doing what they’ve been doing with the best intentions,” she says. “Try to take a no-blame approach, take what you’ve got, be pragmatic and move forward with it.”

    Steve Cotton, a Socitm associate, says that spending time now building registers of software applications, contracts and data architectures will pay dividends throughout the reorganisation process. The information may be useful for business cases and risk assessments of merger options, as well as helping later contract decisions, such as choosing short-term renewals. There may be little time for this after November: “Once decisions have been made, there is going to be a lot of work just to get the IT landscape set up,” he says.

    “Try to take a no-blame approach, take what you’ve got, be pragmatic and move forward with it”

    Helen Blake, Westmorland and Furness Council

    Networking opportunities

    Blake says it is worth networking with people from the organisations you will combine with, although adds: “It can get tricky, as you may be in competitive situations for jobs.” However, she is grateful for connections she made on cross-authority working groups set up in Cumbria: “That really helps down the line, having some established relationships.” The reorganisation is likely to make much of your knowledge of who does what within the organisation obsolete, cancelling the short-cuts that many rely on to get things done, making a new informal network very useful. Blake adds that it is worth finding someone in a similar role who has been through LGR in the past, although she adds that she found it hard to believe the colleague who said he couldn’t see his own staffing information during an earlier reorganisation, only for this to happen to her.

    She recommends being kind to yourself and others throughout the process: “Be realistic about expectations of yourself and how fast you can go,” including in relationships with colleagues and elected members. And she suggests booking holidays early: “I wish I had put more regular leave in. Plan some of that time in now, as once you’re in it, it’s full on.”

    Four or five into one

    Combining several organisations’ ICT into one can be a huge job. Craig Wilkins, who was head of service for IT at Sedgemoor District Council and is now head of information systems for Somerset Council, started working on the reorganisation around 12 months before it took place. The county’s councils had considered asking to be split into two unitaries such as in Cumbria, but then local government minister Robert Jenrick decided on a single authority.

    This crystallised things: “It brought everyone together, positive and negative,” says Wilkins. Staff in the five councils drew up lists of ICT assets, products and services and looked at budgets and existing policies. “By the day we got to vesting day we had to ensure we had single policies,” he says, such as those on cyber, data and information.

    The Somerset councils managed some consolidation of systems by vesting day. The four districts all used different electoral management systems, although three were from the same supplier iDox and they all moved to iDox’s main system in time for the May 2023 elections. The new council adopted Microsoft Dynamics Financials on day one, taking advantage of the fact that Somerset County Council had already decided on it as a replacement for an ageing SAP system, although the new council is still optimising the solution for local government operations. The council successfully moved its payroll to a single county system and, Wilkins recalls, also deployed a revised desktop with associated branding that provided a symbol of service unification.

    But in other areas Somerset Council left multiple legacy systems in place, including data centres where it continues to use some of those inherited from its predecessors. All five organisations used Microsoft Teams but did so in different ways, along with different telecoms providers. It has proved easier to wait for each predecessor’s Crown Commercial Services Microsoft licence and associated telecoms contracts to end rather than try to merge them early. Somerset Council still has five planning systems, four previously run by districts and one used by the county for minerals and waste, something Wilkins thinks could take up to another two years to resolve fully.

    On revenues and benefits, Sedgemoor ran an in-house system, two districts used commercial software and another outsourced the work to Capita. Somerset Council has since awarded a contract to NEC, one of the commercial software suppliers, to provide a new council-wide cloud-based service. It plans to move to the new NEC system by September, about 18 months after starting the process, but will initially hold each district’s data in a separate instance. It will then merge these, probably by the end of the financial year in March 2026.

    “These are big case management solutions with thousands of transactions and properties affecting the wider population in Somerset. Even just migrating the data takes time to lift, shift and transform,” says Wilkins. He adds that wider legacy data aspects will need considering, for example Somerset Council initially buying read-only licences for its old financial systems but now moving to an in-house archive service to reduce revenue expenditure.

    Dividing what you developed

    There are further difficulties in reorganisations that split areas as well as merge them. Helen Blake had to work out how to divide the assets of county council services she had spent several years developing: “There’s a lot of practical work to do but there is a lot of emotion over services you have cared for, brought together, nourished and nurtured, then all of a sudden you are making really difficult decisions,” she says. “At the same time you are trying to continue to run your service as well as thinking about the uncertain future.”

    There can be cultural challenges when staff focused on operations realise that the reorganisation is imminent. “The language that you use turns into ‘this council will not exist any more’,” says Blake. “That’s quite a milestone moment to start talking to people about the end of something. While you might think it is going to feel the same post vesting day, it is not the same – it is a brand-new council.”

    “You don’t want to throw the baby out with the bathwater, you don’t want to lose everything the legacy councils had worked on, but the sooner you can accept this is a new council and embrace that, that’s helpful,” she adds. “Lot of people, and it’s understandable, hold on to the old council and talk about the way ‘we’ do things. Well, ‘we’ doesn’t mean ‘we’ in the way it used to any more.”

    The day one difference

    Both Blake and Wilkins say they increasingly focused on making services safe and legal as vesting day approached. “Everything is about readiness for day one,” says Blake. “Then from day one it is very different. Things that felt that they might be a good idea before vesting day, you quite quickly realised were not going to be sustainable.” The two new Cumbrian councils started with some services hosted by one on behalf of both, a model which she says got them over the hump but which in some cases started to feel less sustainable as the organisations diverged.

    “You think you have got to the end, but when you get to vesting day, that’s just the start really”

    Craig Wilkins, Somerset Council

    Wilkins says that Somerset Council would ideally have adopted the best systems and practices from its predecessors, but often settled for what worked. As a result, in some areas of processing it performs less well than its former councils: “It isn’t as efficient as it used to be,” he says. The new council has just undertaken an internal restructuring, which he adds in an ideal world, which it isn’t, would have been better adopted on vesting day. More work on the new organisation’s connecting infrastructure would also have been worthwhile: “Each individual authority had resilience in one shape or form, but when you come together as one, if you are not careful you create a hub and spoke ecosystem,” he says, although Somerset continues to address such weaknesses.

    Overall Wilkins says that the reorganisation was a bruising process, with around half of the former district council’s IT staff having left. “You will lose good people. Don’t expect to have the same people around you when you start and when you end,” he says. “It is hard. We spent the 12 months before on solid work creating everything – meetings, virtual, physical, whatever, it was constant. You think you have got to the end, but when you get to vesting day, that’s just the start really.” He believes it may take five to seven years from vesting day for Somerset Council to complete all the consolidation and convergence work and for the organisation truly to become one efficient interconnected body.

    He agrees with Blake that cultural differences can add to the pressure: “Some of my colleagues very much felt it was a hostile takeover.” There can be significant differences between lower-tier authorities, where staff often multitask across domains given they work for much smaller organisations, and county councils where people tend to operate in single domains. “That has caused quite a bit of conflict going through the process that we did,” he says. “But as long as you keep a tight grip on it, it is manageable, which is what I think we did.”

    Moving to unity

    Reorganisation can bring benefits as well as challenges. Somerset is greatly reducing the number of software applications it supports and has improved its information security, including better monitoring and threat reaction, although Wilkins warns that local authorities are likely to be vulnerable around the point of change. Somerset has also devolved more services to town councils, typically services that districts used to carry out such as the upkeep of open spaces including parks and street cleaning.

    Socitm’s Steve Cotton says LGR provides an opportunity to remove inefficient systems and processes. “Aside from the difficulties and human costs, it is also going to be very interesting and exciting,” he says. “For the first time in a very long time, this is an opportunity to create new best practice and do the things you have always wanted to do.”

    For Blake, the reorganisation led to a more senior job. She now has a better understanding of what matters to residents including bin collections and council tax, both high-volume and high-profile services previously carried out by districts. Westmorland and Furness Council still has separate customer service teams but has some colleagues from legacy teams sitting next to each other, in advance of a shift to fully integrated teams.

    Blake says that in the two-tier system residents would call the county to be told they had to talk to a district or vice versa, but now the unitary can handle both. “There’s a lot of learning to do about the functions of a new unitary, getting to understand what was each other’s business which is now our business,” she says. “Customer service agents have had to learn about the totality of what’s on offer. Residents don’t care which council you used to work for, they are just ringing up the council.”

    Two years after vesting day, she adds that things remain really challenging. “But there are absolute moments of light, when you can see your teams beginning to settle, the relationships are forming as things start to align a bit more. Seeing that happen now, you do start seeing what some of those opportunities are to join up and do things differently.”

    Read more

    How Socitm can help

    As local government reorganisation and devolution continue to reshape the public sector landscape in England, councils are being asked to do more, faster and with fewer resources, writes David Ogden.

    The pressure to maintain frontline services while planning for long-term, digitally enabled transformation is constant. At Socitm, we’ve responded by strengthening our offer to support councils with expert, independent guidance through this period of unprecedented change.

    Our goal? To help councils become more self-sufficient in digital, data and technology (DDaT), and better equipped to deliver modern, citizen-focused services. Crucially, we’ve increased our capacity to deliver by welcoming three highly respected associates into our fold: Andrew Rogers, Paul Cotton and Steve Cotton.

    Together, Andrew, Paul and Steve bring a wealth of experience in local government digital transformation. These are individuals who’ve lived and led DDaT in the public sector. They understand the pressures, the politics and the practicalities. They’ve been there, done it and wear the scars with pride.

    With this expanded team, we can now offer even more hands-on support to councils navigating the demands of reform, from strategic planning through to implementation. Here’s a look at how we can help:

    1. Strategic transition and transformation support: We work with councils to modernise legacy systems and prepare for future delivery models. Our guidance is practical and grounded in experience, backed by frameworks and templates designed specifically for local government needs.
    2. Collaboration and coordination: Whether you’re joining up services across new unitary boundaries or managing complex devolved functions, we help align stakeholders and facilitate meaningful collaboration. That includes public sector partners, elected members, suppliers, and government bodies.
    3. Leadership and skills development: Through training, coaching and mentoring, we help equip your teams to lead digital change with confidence. We support senior leadership as well as operational teams, ensuring your workforce is ready for what comes next.
    4. Unlocking innovation through data and AI: We can support your organisation to embrace data-driven decision-making and emerging technologies like AI, ensuring your services are more proactive, efficient, and responsive.

    At Socitm, we’re proud of our deep roots in local government – and of our ability to adapt to meet the sector’s changing needs. By bringing in Andrew, Paul and Steve, we’ve added significant depth and experience to our offer. More than ever, we’re ready to be your strategic partner for the future.

    If your council is facing the challenge of reform or simply wants to build greater digital resilience, we’d love to talk to you. Contact us at: hello@socitm.net

    Research view: How to tailor cyber security for different local authority departments

    Closeup of a person's hands typing on a laptop keyboard by freestocks on Unsplash
    Source: freestocks on Unsplash

    Authorities need to consider the specific security requirements of leaders, social care, finance, HR, procurement and electoral registration writes Socitm’s cyber security and resilience advisor Dr Mark Brett

    Cyber incidents can have a significant impact on local authority staff, both professionally and personally. Breaches of sensitive staff information, such as personal details or payroll data, can lead to identity theft, fraud or other forms of exploitation. Additionally, if workplace systems are compromised, staff productivity and morale may be severely disrupted, causing frustration and delays in fulfilling job responsibilities.

    The stress and uncertainty of dealing with such incidents can also take a toll on staff morale, mental health and overall wellbeing, potentially leading to long-term impacts on employee engagement and trust in the organisation.

    Threats can come from both external and internal sources. External attacks are often orchestrated remotely and can be polymetric, originating from multiple locations. Internal threats can be unintentional (such as user errors and loss of devices) or malicious (including fraud and data theft). The increasing complexity of ICT systems, especially in hybrid, cloud-based and on-premises environments, presents challenges in identifying and prioritising critical systems for recovery.

    Chief executive and chief officers

    Senior leaders are high-value targets for cyber criminals due to their access to sensitive organisational information and decision-making authority. A successful cyber incident targeting these individuals, such as a phishing attack or a breach of their accounts, could lead to exposure of confidential data, unauthorised actions in their name and strategic decisions being influenced by malicious actors.

    Furthermore, the public and stakeholders may lose trust in the organisation if its leaders are compromised, leading to reputational damage that could affect the organisation’s operations and standing.

    To mitigate cyber risks, it is vital to educate senior leaders about the potential risks and consequences of cyber incidents and the specific threats they face. Offering guidance to senior leaders is essential on how to protect themselves from harm.

    Social care

    The compromise or leakage of sensitive information in social care services can have severe repercussions, particularly for children and vulnerable adults. Such incidents may involve unauthorised access to personal, medical and financial records, leading to identity theft, fraud and exploitation of highly sensitive data. Vulnerable individuals may be affected by a cyber incident, facing increased risks of harm, as cybercriminals could target them or exploit the breached data for malicious purposes.

    To mitigate the risks and minimise the consequences of a breach, social care providers must prioritise robust cyber security measures. This includes conducting regular vulnerability assessments, ensuring that data is encrypted both at rest and in transit, and implementing access controls to limit who can view sensitive information. Staff training is vital, emphasising secure data handling practices and recognising phishing attempts or other cyber threats. In the event of an incident, having a clear response plan can help contain the damage and protect vulnerable individuals from harm.

    Finance

    A cyber incident in the finance department of a local authority can have devastating consequences, particularly if financial data or systems are compromised. Such breaches may result in significant financial losses through fraud, unauthorised transactions or theft of sensitive data. Furthermore, the breach of financial systems can disrupt business operations, leading to service downtime, reputational damage and a loss of customer confidence.

    To mitigate these risks, finance departments should adopt best practices that prioritise data security and regulatory compliance. This includes the use of encryption to protect sensitive financial data both in transit and at rest, and the implementation of strict access controls to ensure that only authorised personnel can access critical systems. Regular audits and penetration testing can help identify vulnerabilities before they are exploited by malicious actors.

    Human resources

    Human resources (HR) departments handle vast amounts of sensitive employee information, including personal identification details, payroll data and performance records. A cyber incident compromising an HR system can result in unauthorised access to information, leading to identity theft, financial fraud or exposure of confidential employee records. Such breaches can also disrupt HR processes, causing delays in payroll, recruitment or compliance reporting.

    To mitigate these risks, HR departments should implement strong security measures, such as encrypting sensitive data and using access controls to ensure only authorised personnel can access HR systems. Regular security training for HR staff on identifying phishing attempts and safeguarding data is crucial. Conducting routine audits and collaborating with legal and IT teams to ensure compliance with regulatory requirements, such as GDPR or country-specific employment laws, is essential.

    “If workplace systems are compromised, staff productivity and morale may be severely disrupted, causing frustration and delays”

    Dr Mark Brett, Socitm

    Procurement

    Cyber incidents in procurement processes can lead to the exposure of sensitive information, such as supplier bids, pricing strategies or contract details, which may be exploited for financial gain or unfair competitive advantage. Such breaches not only undermine trust in the procurement process but can also disrupt decision-making, leading to delays or compromised processes or outcomes

    To address these risks, organisations must embed cyber security into their procurement practices, beginning with the inclusion of robust cyber procurement clauses in contracts. These clauses should require suppliers to adhere to established cyber security standards, conduct regular risk assessments and report any breaches promptly. Organisations should also evaluate suppliers’ cyber security capabilities as part of the selection process and ensure ongoing collaboration to manage risks effectively.

    Electoral registration

    Cyber incidents affecting electoral registration systems pose a serious threat to the confidentiality and integrity of sensitive voter information. Unauthorised access or breaches could expose personal data such as names, addresses and voter registration details, increasing the risk of identity theft and undermining public trust in the electoral process.

    Furthermore, a disruption to electoral systems caused by a cyber attack could interfere with voter registration, compromise the accuracy of electoral rolls or even impact the fairness and transparency of electoral outcomes.

    To mitigate these risks, electoral authorities should implement stringent security measures, including encryption to protect sensitive data both in transit and at rest, and robust access controls to limit system access to authorised personnel only. Collaborating with relevant authorities and adhering to regulatory requirements are essential to maintaining compliance and safeguarding electoral integrity.

    This is extracted from cyber security guidance for public sector practitioners, a guide available to Socitm members.

    Read more:

    Personal view: Navigating local government is never plain sailing

    Socitm’s newest vice-president, Kevin Taylor, on his varied career, the challenges of local government reorganisation and the parallels between sailing and management

    Kevin Taylor taking a selfie on a boat in Vilamoura marina, Portugal
    Kevin in Vilamoura marina, Portugal

    About Kevin

    Kevin has worked in technology management in both the public and private sectors, including for Essex County Council, Breckland District Council, BT and Methods Advisory. After serving as head of IT for West Suffolk District Council he moved to Suffolk County Council. He now works there as one of four product managers running technology for specific services, where he is responsible for growth, highways, infrastructure, fire and public safety. He also manages technology services provided by the county for Babergh and Mid-Suffolk district councils.

    Q. How did you start working in the public sector?

    I moved into an electrical engineering apprenticeship straight from school, which was short-lived as the company went into liquidation. I joined the Post Office and worked for its bullion team, as a counter clerk, in revenue protection and then for the newly-formed computer unit. While taking a Btec in computing studies I moved to Essex County Council as a systems analyst, where I progressed to being an IT manager overseeing one of the first outsourcing of property functions.

    I joined BT where I was service delivery manager for Kent County Council then moved to the financial services unit BT Radianz as Thompson Reuters delivery partner, where success was measured in speed of packet delivery to Asia-Pacific news organisations rather than hours or days of service uptime. That provided a different perspective on IT and its value.

    Changed home circumstances caused me to return to the public sector, first Breckland District Council in Norfolk as head of IT and business improvement, then the Construction Industry Training Board, a quango. I moved to Methods Advisory, a consultancy, where I looked after public sector clients, but this involved significant time working away from home so I moved back again to local government, firstly the newly-formed West Suffolk Council then Suffolk County Council, a contracting role that was converted to a permanent job.

    Whenever I’ve been outside the public sector I have always said I will not go back in again, but there is always the lure of giving something back, working with a committed team that is almost like a family.

    However, commercial acumen involves the ability to get things done quicker. Local authorities can be quite institutionalised, with a lot of people who work in them for 10, 15 or 20 years and would benefit from a spell outside the public sector to learn how to work more commercially and in a more agile way.

    Q. How are you preparing for local government reorganisation (LGR) in Suffolk?

    It is early days at the moment. We need to do a big due diligence exercise at some stage with colleagues across the region, but we don’t currently know the size of LGR and devolution. It will be a time of unrest for local authorities which will require leadership, management and change management skills, as well as very strong communication skills. It will also require a significant amount of stakeholder management across the whole region, because there will be people 100% against the model, irrespective of which model it is – you will never get consensus.

    There will probably be some significant data challenges on sharing and transfers as well as a raft of security issues as a result of the transition and mobilisation phases. But technology tends to do what we ask of it and there are new tools out there such as artificial intelligence and copilots. Some of the changes the Labour government has implemented through the revised Government Digital Service model will help – there will be tools at a national and regional level that were not there before. It is predominately a people issue, I think.

    I was part of an LGR process way back in 1997. I remember very onerous tasks of capturing work patterns, which influenced how much money was transferred between the organisations. It is a process we will need to go through again, along with contract and procurement changes. This time around the challenge is much bigger as there are almost no local authorities that are in strong financial situations and in many cases we will be shifting debt from a number of smaller authorities into one larger authority.

    Q. What do you see as key projects in your career?

    I have worked on taking a service back from an external company which was very successful and saved the local authority a significant amount of money. I have also worked on a shared service between local authorities for which the business case was very sound but which was binned at the eleventh hour due to political decision-making. It doesn’t matter how good a project is, if it hasn’t got the political will it isn’t going to go ahead.

    While at BT, I worked on behalf of Kent County Council on a massive infrastructure refresh programme which the council could not have driven forward by itself. By making that investment early, Kent was able to realise savings much more quickly as well as a bunch of secondary benefits.

    Q. How did you get involved with Socitm?

    I first joined in the early 1990s. For me, the value has always been in the networking in between presentations at events, although some of the presentations and speakers have been absolutely awesome. I can remember statements made at Socitm events many years ago, such as the idea of ‘cost-benefit savings harm’ from a former chief executive of Lewisham, the harm you will do by not investing in something improving – we never measure the impact of us not doing anything.

    The public sector is a community where you can drop something into a chat forum and say help, who has had this problem before, and get a bunch of responses. There is no hidden agenda or revenue generation opportunity – people do this for the betterment of residents and services.

    While at West Suffolk about five years ago I opted to be vice-chair of the Socitm East region, which I really enjoyed. It was nice pulling organisations together, providing subject matter that was of value and importance to regional colleagues and meeting different people. After that I became chair of the eastern region then I had two goes at being a Socitm vice-president – I threw my hat in the ring a couple of years ago and someone else got the role at the time, then last year I was successful. It allows me to influence and use some of my skills and expertise, including from the private sector, as well as understand at a deeper level other people’s issues, challenges and opportunities.

    Q. What do you enjoy doing outside work?

    I enjoy sailing, which I do with friends a couple of times a year, and I see a lot of similarities between sailing and working in local government. You set sail with a clear destination in mind, much like local government leaders setting out with specific goals and objectives for their communities. Initial planning is crucial for both: sailors chart a course taking into account wind, tides and currents, local government officials develop strategic plans that consider the socio-economic landscape, community needs and available resources.

    Changing course is equivalent to adapting to new realities, weathering storms is resilience in the face of adversity, trimming sails is a way to optimise performance and we all have to navigate uncharted waters when undertaking innovation. Socitm fits into this too – a network of like-minded colleagues is the career equivalent of a secure anchorage, but also being prepared to tack and jibe when circumstances change.

    Socitm overview: How Argyll and Bute, Dorset and Worcestershire benefit from Socitm’s benchmarking and survey services

    Argyll and Bute Council has used Socitm benchmarking since 2005, allowing it to track its ICT performance over time, look for gaps in what it provides then check they have been filled. “Our purpose in benchmarking is to measure ourselves as our customers see us – there is no point in thinking we are making improvements without asking our customers,” says John McVey, ICT production manager, in the case study.

    McVey adds that the council, which covers a geographically diverse area including dozens of islands, is likely to have poorer network provision than a big city authority. “What you need to focus on is identifying the gaps in your performance, then use that to focus internally on improving in those areas. If improvements are implemented, your next benchmarking exercise should see a better set of results,” he says.

    In some cases comparisons are useful, however. Argyll and Bute has worked to improve its service desk operation following benchmarking results six years ago which showed high average times to resolve incidents and high numbers of incidents compared with other Socitm members.

    The council undertook a major review of its service desk, adding a self-service portal, a knowledge base and an improved management system which incorporates artificial intelligence learning.

    “If you start to tell the service desk portal what kind of incident you are reporting, you get suggestions and links to internal articles on how to resolve your issue,” says McVey. “Education staff really like that, because a teacher reporting an incident to IT only has a few minutes between classes.”

    New operating model after reorganisation

    Dorset Council, which was established as a new unitary authority in 2019, used Socitm’s benchmarking and staff survey in 2021 to assess the performance of its ICT operations as part of a new value for money process. The results were largely positive, although the survey found frustration among senior managers and leaders.

    This contributed to developing a new target operating model for Dorset Council which includes a new customer relationship management and enterprise resource planning systems and wholesale use of generative artificial intelligence including in the contact centre and social care.

    James Ailward, head of IT operations (CTO), says that running the benchmarking and the customer survey in parallel was key: “Bringing those two datasets together gave us the strategic insight that operational services were good but the support for transformation was less good. We would not have got that from just doing benchmarking on its own.”

    Independent and cost-effective comparisons

    Worcestershire County Council has used Socitm benchmarking and surveying to provide an independent assessment of its IT in comparison to similar organisations, according to its former assistant director for ICT and digital Sandra Taylor, also a former Socitm president. “You don’t know until you ask people,” she told a November 2023 webinar. “You think you know, but ultimately with all services you have got to ask what they want and whether we have designed those processes and services from their perspective.”

    Make sure to use your free benchmarking module! For 2025 only, all Socitm membership packages include one free module. You can choose between user satisfaction, cost, delivery, performance or user skills. Find out more about our benchmarking services

    Socitm overview: Celebrating success with Socitm Awards

    We’re extremely proud to celebrate the success of our society and its members in what has been an incredibly challenging year. We have lots to shout about with so much achieved by so many

    Illustration showing a variety of awards and medals with confetti round them

    The judging panel for 2025 consists of representatives from Socitm’s leadership team and board, as well as others from academia, public, private and third sectors. This year’s awards will be presented at Socitm’s President Conference in Birmingham, June 10-11. The categories are as follows:

    People:

    • Cyber security visionary award (Sponsored by Crayon and WithSecure)
    • Leadership advocate of the year
    • Member advocate of the year

    Organisations:

    • Partner of the year
    • Partner and customer collaboration of the year

    Initiatives:

    • AI initiative of the year (Sponsored by Microsoft)
    • Data initiative of the year (Sponsored by Impera Analytics)
    • The shift left award (Sponsored by Silktide)
    • Transformation initiative of the year (Sponsored by Kerv)

    Product or service:

    • International innovation of the year
    • Service delivery project or initiative of the year (Sponsored by Abzorb)

    Full details of each award and past winners can be found at socitm.net/socitm-awards

    Wanted! Your Socitm memories, milestones and photos for our 40th birthday

    In 12 months’ time, Socitm will celebrate its 40th birthday at the 2026 President’s Conference. To do this properly, we are inviting everyone who has been involved in the society since 1986 to pass on memories, milestones and photos. We will use what we receive for a written history of Socitm’s history, online and at our events next year.

    Share your memories and milestones with us, and if you have any photos to pass on or would like to get further involved in the celebrations, please send an email to hello@socitm.net with the subject line, ‘Socitm@40’. For each item we would like to know when (just the year); where for memories and photos; what for memories and milestones; and who for photos – if you can remember. You can provide as many or as few memories, milestones and photos as you like.

    Local and national events

    As well as our President’s Conference, we run local and national events throughout the year, in-person and online. Make the most of your membership, meet colleagues and expand your knowledge with Socitm events.

    Discover all of Socitm’s events, programmes, courses, webinars and workshops

    View events calendar

    Have any feedback? Email us at hello@socitm.net