Building resilience & strengthening your cyber procurement


Elizabeth Giugno, Head of Category – Cyber Security at Crown Commercial Service (CCS), details the importance of the public sector building resilience & strengthening their cyber procurement

The public sector has seen a significant increase in cyber-attacks since the beginning of the pandemic. This is due to the move to home-working on unsecured networks and opportunistic cybercriminals.

The National Cyber Security Centre (NCSC) is the UK’s technical authority for cyber security incidents. The NCSC’s annual review in November 2021 showed an increase in national incidents to 777, an increase of almost 10% from the previous year, with ransomware posing the most serious threat. Ransomware attacks are where cybercriminals use malicious software to block access to computer systems and threaten to release the organisation’s sensitive data unless the ransom is paid.


A cyber-attack is hugely detrimental as it can cause loss of data and reputational damage, as well as the cost of recovery to the organisation. Supply chains are also now being targeted by cybercriminals, making it increasingly difficult for organisations to mitigate risk.

For government bodies, cyber security isn’t only a challenge – it’s an obstacle to digital transformation. The stakes are sky-high: hacking public-sector information might imperil national security and citizens’ trust.

5 steps to building resilience:

Building cyber resilience is about strengthening cyber security to increase confidence and ensure that, in the event of an attack, not only can organisations continue to operate but that they will recover quickly.

As threats continue to increase in frequency and sophistication, so must our preventative measures, which should include:

1. Understanding critical assets

The first step to building resilience is having a strong understanding of your critical assets. These are resources that are fundamental to maintaining operations. Ask yourself: if an attack happened today, what impact would it have? What are our critical assets?

A government’s critical assets are often the data it holds, so you need to know how this will be protected from an attack. Managing back-ups is an essential part of this process – rapid recovery depends on how regularly back-ups are carried out.

2. Incident response plan

A thorough incident response plan will ensure your organisation can recover quickly from attacks.

A response plan collects together the coordinating functions which guide, inform and support the response process. It encompasses a number of aspects, including triaging and categorising an incident through to escalation procedures and core response.

3. Creating a strong cyber security culture

Phishing emails, which dupe staff into opening them and so expose the organisation to attack, have become more frequent during the pandemic.

It’s essential that employees understand cyber threats, the potential risk, and their role in mitigating incidents. Increasing awareness and providing training can all assist in building cyber resilience.

4. Keeping up-to-date with emerging cyber threats

New advanced threats are being discovered daily. Resilience also means increasing your understanding of the threat landscape. Taking a proactive approach is essential so that methods can be adjusted before threats affect services.

As threats continue to increase in frequency and sophistication, so must our knowledge and preventative measures.

5. Business continuity disaster recovery plan

All organisations should have sufficient business continuity disaster recovery (BCDR) methods in place to make sure that they can resume normal operations in the event of an attack. The plan should include a complete approach to keeping your team productive during a cyber-attack.

The BCDR plan builds resilience by reducing the risk of data loss and enhancing operations, detailing emergency contacts and key staff.

Steps to strengthening cyber defences through the procurement process

With cybercriminals targeting supply chains and recent attacks such as SolarWinds, procurement can be an increasing concern for the public sector.

Criminals often target the weakest link within supply chains. It is imperative, therefore, that the procurement process mitigates these risks.

CCS worked in partnership with the NCSC to develop the Cyber Security Services 3 dynamic purchasing system (DPS). It provides a central route to buy NCSC assured services to help you improve your security function.

The DPS allows you to filter for NCSC assured services. You can also access suppliers who are not NCSC assured but hold alternative cyber security credentials.

The advantages to using NCSC assured suppliers are that they will have:

  • Met the NCSC’s standards and can be trusted to act in NCSC’s name.
  • A proven track record in delivering high-quality consultancy services.
  • Demonstrated a clear understanding of current and potential cyber threats and techniques and potential effective mitigations.
  • Been independently and rigorously assessed.
  • Shown that they act with integrity and objectivity.
  • Protected the customer’s confidentiality and integrity and complied with relevant laws and regulations.
  • A commitment to continuously improve the services offered to meet evolving customer needs.

One of the biggest supply chain challenges can be a supplier’s understanding or competence when it comes to cyber security. Accreditation is increasingly important for the public sector in strengthening cyber defences within the procurement process. Buying through a framework such as the Cyber Security Services 3 (CSS3) DPS ensures that your suppliers have had vetting checks such as Cyber Essentials.

Cyber Essentials is a government-backed scheme that allows organisations to carry out a cyber self-assessment, and provides an understanding of the organisation’s security levels. This will mean that your supplier has taken steps to safeguard their business against cyber threats and will assist in strengthening cyber defences within your supply chain.

How can CCS help?

Do you have a cyber security requirement? We have a dedicated cyber security team that can help you protect against the increasing complexity of cyber-attacks. For more information about Cyber Security Services 3, you can:

Contributor Profile

Head of Category - Cyber Security
Crown Commercial Service (CCS)
