“We have a new proactive response to all threats”
A new model of local government emerged for Buckinghamshire at the beginning of April this year as Buckinghamshire Council became a unitary authority responsible for all the local government services in Buckinghamshire, writes Tony Ellis, service director ICT at Buckinghamshire Council. The new council replaced Aylesbury Vale District Council, Buckinghamshire County Council, Chiltern District Council, South Bucks District Council, and Wycombe District Council.
Planning for the new unitary council has taken place over the past year. With each local authority having their own systems and networks, the task of safely connecting everything was critical. A key part of the design thinking included reviewing cyber security tools, policies and procedures to ensure the protection of our combined network, systems and data.
Prior to the launch of the new council, the individual councils were using a wide range of traditional, complex and resource intensive tools to monitor the network. One of the major drawbacks of this traditional model is that it’s hard to see the wood from the trees (where the sheer volume of events made it difficult to identify and prioritise).
Faced with the demands of becoming one organisation, and with legacy cyber monitoring tools, the team needed to adopt a different approach. We needed a single easy-to-use solution that enabled an immediate response to prioritised and risk based events. A single cyber pane into the IT environment.
Buckinghamshire County Council were already in the process of taking a different approach and establishing a managed security service before the councils came together as one. We were aware that any system we implemented must be agile enough to move with the changing landscape with the aim of having a simpler, more streamlined and proactive cyber security mindset to make the most of the technology and resources available.
As a single council, moving the combined cyber security operations to the next level was essential. Comprehensive measures were put in place to protect our services, staff, systems, data and community from the ever-increasing worldwide threats. We were able to replicate our success with the managed security service from Hytec at the former Buckinghamshire County Council and implement the approach across the new unitary council; a partnership which has led to a virtual team comprising both Hytec and our own staff.
High-level recognition of the importance of cybersecurity, investment in the most cost-effective resources, and a shared focus across the council has been imperative to our proactive approach. Today we protect five legacy networks their services and systems under one managed security service. With 24/7 monitoring in place, this has enabled us to see the bigger picture and take a more proactive approach against potential risks and cyber-attacks.
Moving from the traditional and more reactive system which is resource and time intensive, the new managed security service gives us a streamlined view of alerts with access to industry knowledge from cyber security experts, and has enabled us to focus on the critical events. As a result, the dynamics of our operation has changed, creating a simpler, responsive service enabling us to react quickly and proactively at the right level.
In an average month, our managed security service monitors more than 100 million events across the Council. This is a far easier, and more cost-effective way to monitor events, and places us on the front foot of any issues, with 98 percent of alerts filtered out before they reach our team. The biggest benefit we have seen is the speed in which we can now respond to and resolve issues. This was highlighted recently during a phishing exploit; the identification and rectification of which took just 30 minutes.
Integrating the managed security service into the overall operation of the new council has been a relatively smooth transition during a busy and challenging time. Through implementing an adaptive system, we are moving to a proactive frame of mind, something which is key in 2020.
Launched during the coronavirus pandemic, Buckinghamshire Council has opened in an incredibly challenging time for the IT team, as ways of working have changed significantly. The year started with the move towards a new council and one network, single email systems and much more whilst connecting legacy systems and networks. It quickly escalated during the outbreak, with the need to connect more than 3,000 workers at home, ensuring all staff had the right devices and appropriate access to council systems.
As cyber-attacks become ever more prolific and sophisticated and cyber criminals exploit gaps and vulnerabilities in security, local authorities are now most definitely on their radar and we need to be ready to respond quickly and effectively. Cybersecurity in a local authority brings new opportunities and challenges each day. What’s important is that the public sector becomes more vigilant than ever, and has the policies and procedures in place which can support and adapt a growing new council in the new world.
Alongside all of this, we have a new proactive response to all threats and a strong partnership bringing expert knowledge and skills into the new council to keep our systems secure. As NCSC guidance states, the risk is never zero but the key is to reduce the risk as much as possible.