What To Do When Best Practice Still Loses You £6.4m?

Published on 09/12/21 | Written by Dr Andrew Larner, Chief Executive

In June of this year Redscan Cyber Security published a report on breaches of councils’ cyber security.  Of the councils responding, 10 had their defences breached in the previous 2 years.

Few breaches of council cyber security are publicly acknowledged, presumably for security reasons, however, this can mean that the scale of the problem and its impact goes unacknowledged.

Amongst the 10, there have of course been some that have disclosed the scale of the impact and the cost of clean-up.  This has been useful for the sector as we now know that, for those councils, with costs exceeding £10 million and timescales for clean up being measured in months, the threat is real.

Only last week Redcar and Cleveland reported that of the promised help to pay the £10.1m clean-up bill, government was only providing £3.68m.  Leaving the council to pick up the tab for the remaining £6.4m.

One might reasonably think that following best practice is a secure defence.  Not so.  The National Cyber Security Guidance is there to limit the damage when a breach occurs.

We need to acknowledge that the world has changed.  Councils are now targeted not just by a highly skilled and professional criminal operation but by “asymmetric attacks”, where nation states are testing our defences.

An additional layer of protection, AppGuard, is now available.  Created for the CIA and used by a who’s who of security services, AppGuard operates in a totally different way to all existing cyber defence.  AppGuard protects against attacks that have not been seen before that even the most sophisticated artificial intelligence struggles to detect.

On the basis that this threat is growing and very real, and that prevention is far better than cure we have brought this solution to the UK and engaged some of the best cyber professionals in the UK to install and operate AppGuard for councils.

For one client, our security operations team detected a sophisticated attack while it was in progress and was able to deploy AppGuard to immediately block the threat in real time.

They also installed AppGuard onto a client system that had already been breached, ensuring that all malicious processes and sub-processes were blocked while rebuild took place, including from potentially infected back-up files. This saved the client significant time and money in recovery.

Of course, it is not just the cost and the reputational impact of having no digital infrastructure for months, or in some cases access to records in years.  The data we hold is very sensitive and a devastating impact where personal records are subject to ransom demands.

Since the survey, another large County Council has been hit by ransomware with data put on the dark web presumably for sale.  Underlining that the threat rather like Coronavirus is endemic and we need to learn to live with it safely.

To read the full report, go to: https://www.redscan.com/media/Disjointed-and-under-resourced-cyber-security-across-UK-councils-A-Redscan-FOI-Analysis-report.pdf

If you’re interested in booking a 1:1 demonstration of AppGuard, please contact Craig directly craig.white@iese.org.uk. Or click on the button below to read more about AppGuard.