As the UK's towns and cities increase their dependence on technology to deliver a smart, connected experience for residents, they run the risk of being victims to cyber attacks - says new guidance from the National Cyber Security Centre (NCSC), released today.
The guidance sets out a number of cyber security principles for 'connected places' in order to promote secure design, build and management of public realm technology, infrastructure, and data-rich environments for local authorities. NCSC is part of GCHQ.
The threat is very real: in October last year Hackney suffered a cyber attack, which the London Borough expects to cost it in the region of £10m to recover from. This follows another cyber attack on Redcar Council in February 2020 that has cost it £10.4m.
Join us for a live panel discussion (4.30-5.15pm, 18th May) featuring Smart City leaders from Sunderland, Newcastle and Cheltenham.
(Free for public sector.)
According to the NCSC guidance, the first step in designing, building, and operating a connected place is to fully understand the risks and potential impacts on a Local Authority, and the role of suppliers in mitigating - but also being unwitting vectors - of threats.
Having developed understanding and context for a connected place, Local Authorities' priority should be to design their connected place to minimise exposure, protect data and ensure effective monitoring.
Having followed the connected place design principles to make compromise difficult for any attacker, the priority should then be to manage your connected place's privileged accesses and supply chain throughout its life cycle. This will include managing incidents, and planning for response and recovery.
James is the Editor of Government Transformation magazine, and has been covering digital government and public sector reform for 20 years. He also oversees the development of the UK's biggest network of public sector transformation conferences.