08 January 2024

Tackling cyber vulnerabilities

Tackling cyber vulnerabilities   image
Image: SomYuZu / Shutterstock.com.

James Young, chief technology officer at Cantium Business Solutions, discusses how vulnerability management can play an important part in managing cyber security risk.

The cyber security landscape for local authorities is complex and ever evolving. Like other government entities, they face a range of cyber threats, each unique to their organisation. However, there are some commonalities such as the reliance of legacy IT systems, which may have security vulnerabilities that are not easily patched or updated, the need to protect sensitive and personal data and the prevalence of ransomware attacks.

A growing threat

The risk of a security breach has become an increasing reality for local authorities. Findings from a recent Freedom of Information request show that almost 1500 data breaches were disclosed by councils last year. While a recent report from Sefton Council highlighted that it has been fighting off over 30,000 cyber-attacks a month. Having commissioned two external reviews of its systems, including assessments by Microsoft and the Local Government Association, it found, like many other local authorities across the country, that its IT infrastructure was being targeted.

Keeping users, devices and core infrastructure up to date in large organisations, like county councils, which have thousands of employees and large amounts of IT equipment can be challenging. Vulnerability management is a critical aspect of proactively identifying and managing cyber security risk. It involves identifying, assessing, prioritising, mitigating, and monitoring vulnerabilities in the IT infrastructure to protect against potential threats. Effective vulnerability management not only reduces the attack surface of an authority’s systems and applications, but it also makes it more challenging for attackers to find and exploit vulnerabilities.

Proactive defence

With hundreds of vulnerability instances happening across the IT estates of local authorities, manually identifying threats takes a long time. Especially when environments have grown in complexity over the years and more layers of IT have been added and not sufficiently managed. To minimise the risk of unauthorised access to sensitive data, it’s important that local authorities control and monitor access to devices, systems, and data for employees throughout their employment lifecycle, as well as assess incoming threats. Ideally, local authorities need clear visibility of their vulnerabilities, and a measure in place that prioritises them in the order they need to be remedied to make the biggest impact.

Vulnerability management platforms offer a wide range of benefits for local authorities looking to enhance their cyber security posture and protect their IT infrastructure. Not only do they provide a comprehensive view of the IT environment, including devices, applications, and services, but this level of visibility also helps IT teams to understand their attack surface and identify any potential vulnerabilities.

For in-house IT professionals this frees them up to focus on more strategic and proactive tasks, such as delivering new functionality or effectively maintaining the IT estate. By deploying a platform that continuously monitors for vulnerabilities in real-time, the need to carry out manual assessments is reduced, speeding up the vulnerability discovery process, so that local authorities can stay vigilant against evolving threats and emerging vulnerabilities. The ultimate goal of a vulnerability management platform is to reduce the authority’s overall cyber security risk by identifying and mitigating vulnerabilities before they are exploited.

Breaches can be expensive and managing vulnerabilities can lead to cost savings in various ways, such as reducing the need for incident response, litigation, and regulatory fines associated with breaches. It also avoids the expenses of patching systems after an attack. By streamlining the vulnerability assessment process and prioritising risks, local authorities can use these platforms to help save time and reduce the costs associated with cyber security efforts.

Keeping information safe and secure

Vulnerability management is an ongoing process that requires a proactive approach and a commitment to maintaining a strong cyber security posture. It’s a fundamental and integral part of a robust cyber security strategy and increasingly important for local authorities given the sensitive information they hold and the prevalence of attacks.

Implementing a robust vulnerability management program helps local authorities to protect their IT assets and the sensitive data they manage. It’s not just about managing vulnerabilities effectively, enhancing overall cyber security posture can help maintain the trust and confidence of the public and partners, whilst also ensuring the organisation is meeting compliance requirements.

High profile breaches serve as a reminder that whenever an organisation has valuable data, cyber criminals will attempt to steal it. There are many ways in which data breaches can occur, but having visibility is the first line of defence to help local authorities identify and address weaknesses in their IT infrastructure before cyber criminals can exploit them.

SIGN UP
For your free daily news bulletin
Highways jobs

Head of Democratic Services, Elections & Monitoring Officer

Harborough District Council
Grade 12 £67,236 – £71,223 plus £3000pa Statutory Officer Allowance
We are looking for an accomplished and proactive leader for our vacant post of Head of Democratic Services & Elections Market Harborough, Leicestershire
Recuriter: Harborough District Council

Residential Youth Practitioner

Oxfordshire County Council
£37035 - £39513
The Move On Service provides intensive supported housing accommodation for young people aged 16 to 18 years who are in the care of the local authority, working to create individual plans for those requiring additional support for their transition towards Witney
Recuriter: Oxfordshire County Council

Locality and Community Support Worker - North

Oxfordshire County Council
£37035 - £39513
The Locality & Community Support Service in North Oxfordshire are seeking to recruit a Locality Support Worker to join their Locality & Community Support Team. The successful candidate will be an enthusiastic worker who is passionate about improving outc Banbury
Recuriter: Oxfordshire County Council

Social Worker

Durham County Council
£35,412 - £39,152 (pre-progression) / £40,777 - £45,091 (post-progression)
We are looking for social workers who have completed the assessed and supported year in employment to join our Families First teams, working with our Durham
Recuriter: Durham County Council

Social Worker

Durham County Council
Grade 9 £35,412 - £39,152 (Pre-Progression) / Grade 11 £40,777 - £45,091 (Post-Progression)
Are you a nurturing social worker passionate about supporting parents so that children can remain with their birth family?     This could be the right Durham
Recuriter: Durham County Council
Linkedin Banner