Councils lacking a consistent view of cyber security

New government research has found inconsistencies across local authorities in England as to what cyber security is as well as its threat to their organisations.

Having interviewed 163 local authorities across England on ransomware, the Ministry of Housing, Communities and Local Government report sought to identify how central government can reduce risk and optimise spending in support of, and collaboration with, local authorities.

However, responding authorities had difficulty providing uniform definitions of what constitutes a breach, despite 37 attempted breaches of UK local authorities occurring every minute.

Although the National Cyber Security Strategy includes information management as part of its cyber security definition, stakeholders quoted in the research felt that information management is separate to cyber security, whilst also expressing the view that cyber security and risk related solely to penetration testing, defending against hackers and defending against virus threats.

The report says that this forms an ‘incomplete perspective’ as it excludes cyber risk extending to the systems, the data kept in the systems, the hardware used to access the systems and the services provided.

Cyber security was also viewed by the majority as a technical issue, rather than a business responsibility.

Please register to comment on this article