I live in Buckinghamshire, so this is a heartening case study…:
[…] For many councils getting the right level of in-house provision is extremely difficult due to limited resources. For this reason, tapping into support from cybersecurity specialists provides access to the right mix of skills and tools needed to achieve the right level of protection, cost-effectively. The Council understood the full scope of what needs defending and prioritised its course of action, which has been fundamental to the strong position secured; it is seeing more and more benefits as time goes on and has strengthened its cybersecurity considerably.
For instance, Buckinghamshire Council is now able to undertake anomaly-based intrusion detection. Intelligent technology identifies and reports anomalous network and machine activity, for example unusually high network traffic and service availability issues. It uses Network Intrusion Detection (NIDS) and Host Intrusion Detection Systems (HIDS) to detect attempted and successful intrusion activity.
The asset identification and management component of its managed security service ensures that there is no easy way to obtain unauthorised access to the network. In recent years there has been a significant growth in shadow IT in local authorities, where departments or individuals use software or solutions without approval, which leaves councils vulnerable to security breaches. Buckinghamshire Council can now scan and discover all the assets that could affect it, in the cloud and on-premise, reducing the potential security threat and making sure there are no unauthorised access routes to its network.
Through working in this way the Council’s systems are scanned for vulnerabilities on a regular basis, allowing real-time reporting to prevent security incidents. Any threats are interpreted to determine impact on the local authority and passed to the Council along with suggested corrective actions.
The most compelling example recently was during a high-profile phishing exploit which swept across other local authorities causing significant disruption and requiring weeks to overcome. At Buckinghamshire, the same incident took only 30 minutes to identify and rectify.