10 February 2023

Combatting data theft

Combatting data theft image
Image: Song_about_summer/Shutterstock.com.

The Government has issued new ‘Data Retention’ advice following an increase in ransomware attacks on the public sector.

In the most recent public sector attack 14 UK schools were targeted by cybercriminals and sensitive data was stolen, some of which was released onto the Dark Web. In the face of this attack and the increasing threat to the public sector, the government has released new advice on how organisations can better manage data.

Focused on schools, but very relevant to local government organisations, the guidance gives advice on how to develop a data retention policy, how to carry out data audits and importantly, how to depersonalise and dispose of personal data.

With the threat from cybercriminals increasing in regularity and sophistication, local government departments need to learn how to more effectively manage data, understand what data they hold and how to protect or safely dispose of it.

The very nature of the data held by local government means that it is an incredibly tempting target for cybercriminals. More worryingly perhaps is the apparent lack of knowledge of what data resides in organisations and how to effectively manage it.

The advice the government has issued makes absolute sense and organisations in local government need to look at and implement it. One of the main issues with the data taken from the UK schools appears that it was old, probably ignored and not seen as a priority. This is a major issue throughout local government too and so alongside a better understanding of what data is held, organisations have to ensure that where possible data is held out of reach of cybercriminals even if they do gain access to systems.

Storing data in backup data centres is the traditional method of many looking to ensure business continuity. However, because the backup is continuously connected to other systems if a cybercriminal gains access they can also get to the backup data. Therefore, storing data in silos, away from connected backups keeps them out of reach, even if a cybercriminal gains access.

Equally, ensuring that it is as hard as possible for cybercriminals to gain access in the first place is obviously important. Employees are often considered the weakest link in any organisation’s security. This has increased since many are now working at home or in hybrid roles, outside of the corporate network.

Whilst some solutions continuously warn employees of potential risk, this has had a negative impact, leading to security fatigue. This means staff make less rational decisions and start to ignore all warnings. However, other solutions only contact employees at the point of ‘danger’ ensuring that they are not overwhelmed and can act accordingly.

The threat to local government from cybercrime is only going to get worse over the coming months. Combining the government’s latest advice with some of the solutions described above, can help organisations keep cybercriminals out and data safe.

AJ Thompson is CCO of Northdoor plc.

Making payment processes smarter  image

Making payment processes smarter

It can be challenging to find the right software to streamline payment processes. Lewis McKenna-Crisp argues SmarterPay has the ideal solution for councils.
SIGN UP
For your free daily news bulletin
Highways jobs

Director of Public Health

Royal Borough of Greenwich
Up to £131,210
The Public Health department is at the heart of the council’s business. Greenwich, London (Greater)
Recuriter: Royal Borough of Greenwich

Head of Regeneration and Growth

Plymouth City Council
£68,387 - £74,411 (MFS and relocation available, pay award pending)
This is a unique opportunity to lead our award-winning development team and directly deliver hundreds of millions of pounds of projects. Plymouth, Devon
Recuriter: Plymouth City Council

Director of Adult Social Care

Wiltshire Council
£119,390 - £127,137
Join us as the Director of Adult Social Care and make a real difference to people’s lives. Wiltshire
Recuriter: Wiltshire Council

Assistant Director Planning, Performance & Engagement

East Sussex County Council
up to £97,700
With strong local communities, unspoilt countryside and vibrant coastal towns, East Sussex offers an exceptional quality of life to many. East Sussex
Recuriter: East Sussex County Council

Director of Finance & Commerce

Lancashire County Council
Up to £114,339
You will play a critical role in driving the organisation through complex change and innovation. Lancashire
Recuriter: Lancashire County Council
Linkedin Banner