LGA - Councils need more funding to protect against big rise in cyber attacks

19 Oct 2017 11:11 AM

With councils making more local public services available digitally, getting more of their workforce online and planning greater collaboration and integration work with partner organisations – which requires the sharing of residents’ and business customers’ data – reviewing and reinforcing current cyber security arrangements is a key priority for local authorities.

With cyber attacks predicted to continue increasing in both frequency and capability, the LGA is leading on a bid to government for funding for councils and local partner organisations to increase their collective capacity to respond to increasingly hostile cyber attacks.

As part of its Budget submission, the LGA, which represents more than 370 councils in England and Wales, is urging the Chancellor to support the bid to ensure local government has the skills, resources and necessary arrangements in place to work more effectively with local partner organisations so information relating to patients, residents and pupils can continue to be shared securely and efficiently.

Latest industry figures show that UK businesses were subjected to nearly 65,000 cyber attacks – more than 700 every day – each in the three months of April to June 2017, a rise of 52 per cent on the first quarter of 2017.

Councils have robust cyber security measures to safeguard personal data from criminal hackers, including firewalls and scanning services. They carry out cyber resilience exercises and penetration tests on their computer systems, and have introduced training for staff.

However, with more planned joined-up services leading to increased sharing of information and with malware attacks becoming more frequent and sophisticated, the LGA says more funding is needed to ensure local authorities do not expose themselves inadvertently to any cyber threat.

Cllr Paul Bettison, Chairman of the LGA’s Improvement and Innovation Board, said:

“Protecting personal data successfully from computer hackers looking to exploit private information for criminal purposes in an increasingly digitised world is a top priority for councils.

“However, as local authorities work even more with partners on national initiatives - such as the integration of health and social care, children’s services and welfare reform programmes - councils need to share more sensitive and personal information with organisations including hospitals, GPs, care homes, schools, academies, police and probationary services.

“For this reason councils need to ensure confidential information is protected as securely as possible from the rising number of cyber attacks which can bring businesses to their knees, by putting their IT services out of action for days and compromising personal data.

“Some hackers hold their victims to ransom by demanding an extortionate fee is paid to restore IT systems back to normal, even though there is no guarantee this will happen.

“Councils have invested in a range of measures to protect their systems and data, which are tested robustly for cyber resilience, but face an urgent need to prepare themselves to better deal with potential incidents of more frequent and powerful malware.

“The LGA agrees with the Government’s vision of the UK in 2021 as secure and resilient to cyber threats, prosperous and confident in the digital world, as set out in its National Cyber Security Strategy.

“Investing in cyber security must be seen as an economic opportunity and we urge government to allocate funding to councils to build capacity to respond to the growing threat of cyber attacks and ensure the safeguarding of personal data is as strong as possible.”

Notes to editors

The LGA is calling on the Budget to support the funding bid and for government to work with us, through the Cabinet Office, the National Cyber Security Centre and DCLG to deliver this important support to councils and local partners, increasing our collective capacity to respond to future cyber attacks. The bid can be read in our Autumn Budget submission, here.