Neil Gooding 24 March 2020

How does the London Borough of Bexley crack cyber security?

Local councils across the UK face hundreds of millions of cyber-attacks, and as a large London Borough we identified gaps which led us to seek a major change of strategy and significantly raise our level of cyber security.

We had relied on a SIEM tool (Security Incident and Event Management) to manage security. It was particularly weak around log and event management, while difficulties with initial configuration and day-to-day use meant that it wasn’t producing the data that Bexley needed, nor was it being updated.

The tipping point was the result of coinciding Cyber Essentials and PCI DSS (Payment Card Industry Data Security Standard) audit reports, which further highlighted gaps in areas such as intrusion detection and log management.

Our team was flooded with alerts and getting to the point where the old product wasn’t getting used. Although our team would dip into it every now and again, they would be faced with lots of logs that were pretty much meaningless and it was very difficult to drill down to find anything that was of any use. So the only benefit from having the SIEM tool was really to fulfil a tick box; there was little visibility of high priority incidents.

We faced further challenges around budget restrictions, availability of in-house skills and time needed to set up a new system.

Our team always considered that the responsibility for managing cyber security should be owned by the authority and as such was never outsourced. Yet we recognised a major change of strategy was necessary. For us, staff resources were very tight, so it made sense to have experts to set up and manage the tools in order to help maximise our time.

Bexley therefore opted for a managed security service, from Hytec, which sits behind the scenes to guard the Borough against attack. It addresses the very particular set of issues faced by local authorities; significantly enhancing the protection of systems and data, helping achieve compliance requirements and ensuring appropriate security mechanisms are in place.

Our managed security service has five core areas including: activity detection; threat intelligence; protective monitoring; asset ID and management; and vulnerability scanning. Taking a partnership approach to cyber security has significantly raised levels of cyber security, which has proved invaluable.

Our service partner managed the entire council network and we now have access to the same “single pane” one-window view of the security posture of the entire estate. Both Hytec and our internal team also have the same view of the infrastructure and this has improved reporting and strengthened the working relationship.

Through access to a complete service including people, process, technology, intelligence and compliance, we have ensured that our council's security ambitions are realised.

Bexley has strengthened its cyber defenses considerably. For instance, it has been possible to reduce the likelihood of serious security incidents to a minimum. Taking a managed security service approach has supported our in-house ICT team’s incident response procedures and informs them of the necessary corrective actions should an incident occur.

We are also able to check the accounts in use in Bexley, and from other non-UK territories at the same time, there is often a rational explanation for this, but before deployment of the managed security service Bexley had no view of this.

In a recent typical month, there were approximately 18 million possible security events, and from this about 2,000 alarms have been generated of which around six have been escalated via email and other means for further investigation, keeping Bexley cyber-safe.

The security landscape can be a confusing and frustrating area where hidden costs can quickly escalate and IT tools often do not deliver their promised gains. However our experience with a managed security partner has been very different.

Neil Gooding is information security manager at the London Borough of Bexley

Making payment processes smarter  image

Making payment processes smarter

It can be challenging to find the right software to streamline payment processes. Lewis McKenna-Crisp argues SmarterPay has the ideal solution for councils.
SIGN UP
For your free daily news bulletin
Highways jobs

Director of Public Health

Royal Borough of Greenwich
Up to £131,210
The Public Health department is at the heart of the council’s business. Greenwich, London (Greater)
Recuriter: Royal Borough of Greenwich

Head of Regeneration and Growth

Plymouth City Council
£68,387 - £74,411 (MFS and relocation available, pay award pending)
This is a unique opportunity to lead our award-winning development team and directly deliver hundreds of millions of pounds of projects. Plymouth, Devon
Recuriter: Plymouth City Council

Director of Adult Social Care

Wiltshire Council
£119,390 - £127,137
Join us as the Director of Adult Social Care and make a real difference to people’s lives. Wiltshire
Recuriter: Wiltshire Council

Assistant Director Planning, Performance & Engagement

East Sussex County Council
up to £97,700
With strong local communities, unspoilt countryside and vibrant coastal towns, East Sussex offers an exceptional quality of life to many. East Sussex
Recuriter: East Sussex County Council

Director of Finance & Commerce

Lancashire County Council
Up to £114,339
You will play a critical role in driving the organisation through complex change and innovation. Lancashire
Recuriter: Lancashire County Council
Linkedin Banner