08 January 2024

Tackling cyber vulnerabilities

Tackling cyber vulnerabilities   image
Image: SomYuZu / Shutterstock.com.

James Young, chief technology officer at Cantium Business Solutions, discusses how vulnerability management can play an important part in managing cyber security risk.

The cyber security landscape for local authorities is complex and ever evolving. Like other government entities, they face a range of cyber threats, each unique to their organisation. However, there are some commonalities such as the reliance of legacy IT systems, which may have security vulnerabilities that are not easily patched or updated, the need to protect sensitive and personal data and the prevalence of ransomware attacks.

A growing threat

The risk of a security breach has become an increasing reality for local authorities. Findings from a recent Freedom of Information request show that almost 1500 data breaches were disclosed by councils last year. While a recent report from Sefton Council highlighted that it has been fighting off over 30,000 cyber-attacks a month. Having commissioned two external reviews of its systems, including assessments by Microsoft and the Local Government Association, it found, like many other local authorities across the country, that its IT infrastructure was being targeted.

Keeping users, devices and core infrastructure up to date in large organisations, like county councils, which have thousands of employees and large amounts of IT equipment can be challenging. Vulnerability management is a critical aspect of proactively identifying and managing cyber security risk. It involves identifying, assessing, prioritising, mitigating, and monitoring vulnerabilities in the IT infrastructure to protect against potential threats. Effective vulnerability management not only reduces the attack surface of an authority’s systems and applications, but it also makes it more challenging for attackers to find and exploit vulnerabilities.

Proactive defence

With hundreds of vulnerability instances happening across the IT estates of local authorities, manually identifying threats takes a long time. Especially when environments have grown in complexity over the years and more layers of IT have been added and not sufficiently managed. To minimise the risk of unauthorised access to sensitive data, it’s important that local authorities control and monitor access to devices, systems, and data for employees throughout their employment lifecycle, as well as assess incoming threats. Ideally, local authorities need clear visibility of their vulnerabilities, and a measure in place that prioritises them in the order they need to be remedied to make the biggest impact.

Vulnerability management platforms offer a wide range of benefits for local authorities looking to enhance their cyber security posture and protect their IT infrastructure. Not only do they provide a comprehensive view of the IT environment, including devices, applications, and services, but this level of visibility also helps IT teams to understand their attack surface and identify any potential vulnerabilities.

For in-house IT professionals this frees them up to focus on more strategic and proactive tasks, such as delivering new functionality or effectively maintaining the IT estate. By deploying a platform that continuously monitors for vulnerabilities in real-time, the need to carry out manual assessments is reduced, speeding up the vulnerability discovery process, so that local authorities can stay vigilant against evolving threats and emerging vulnerabilities. The ultimate goal of a vulnerability management platform is to reduce the authority’s overall cyber security risk by identifying and mitigating vulnerabilities before they are exploited.

Breaches can be expensive and managing vulnerabilities can lead to cost savings in various ways, such as reducing the need for incident response, litigation, and regulatory fines associated with breaches. It also avoids the expenses of patching systems after an attack. By streamlining the vulnerability assessment process and prioritising risks, local authorities can use these platforms to help save time and reduce the costs associated with cyber security efforts.

Keeping information safe and secure

Vulnerability management is an ongoing process that requires a proactive approach and a commitment to maintaining a strong cyber security posture. It’s a fundamental and integral part of a robust cyber security strategy and increasingly important for local authorities given the sensitive information they hold and the prevalence of attacks.

Implementing a robust vulnerability management program helps local authorities to protect their IT assets and the sensitive data they manage. It’s not just about managing vulnerabilities effectively, enhancing overall cyber security posture can help maintain the trust and confidence of the public and partners, whilst also ensuring the organisation is meeting compliance requirements.

High profile breaches serve as a reminder that whenever an organisation has valuable data, cyber criminals will attempt to steal it. There are many ways in which data breaches can occur, but having visibility is the first line of defence to help local authorities identify and address weaknesses in their IT infrastructure before cyber criminals can exploit them.

SIGN UP
For your free daily news bulletin
Highways jobs

Pension Officer

West Northamptonshire Council
£34203 - £37067
The Pensions Service is looking for a highly motivated individual to join our Operations team as a Pensions Officer. You will be performance focused and driven to provide excellent customer service. You must demonstrate a flexible approach to delivering a Northampton
Recuriter: West Northamptonshire Council

Senior Lawyer - Contracts & Commercial

City of York Council
Grade 11 Level 1 - 4 (£50,620 - £57,611 pa)
City of York Council has an exciting opportunity for an experienced, ambitious and innovative senior lawyer. York, North Yorkshire
Recuriter: City of York Council

Programme Manager - WMF2341e

Westmorland and Furness Council
£56,883 - £59,198
The Capital Programme team is responsible for the core delivery of the Council’s c.£80m-£100m/year Capital Programme Kendal, Cumbria
Recuriter: Westmorland and Furness Council

Driver & Maintenance Worker (Children¿s Residential Services)-CMB2063e

Westmorland and Furness Council
£25,989
Join our dedicated team working within a residential setting in Children’s Services. Barrow in Furness, Cumbria
Recuriter: Westmorland and Furness Council

Social Worker WMF2342e

Westmorland and Furness Council
£34,434.00 - £44,078.00 (pro rata for part time positions)
We apply a career grade system to our Social Worker roles Barrow in Furness, Cumbria
Recuriter: Westmorland and Furness Council
Linkedin Banner