Graeme Stewart, Managing Director of LogPoint UK and Ireland, discusses the lessons UK local government can learn from Danish councils on cybersecurity and compliance.
30 September 2016 – SIEM (Security Information and Event Management) technology is growing in popularity in Europe as it tackles the global challenge of security and compliance. Within the last year, local councils have increasingly become targets for data breaches and ransomware attacks, often with large fines attached . The biggest online threats to councils online include DDOS attacks, phishing, malware and ransomware, just to name a few.
It is thought that approximately 70 per cent of threats could be mitigated through basic housekeeping precautions such as regularly changing passwords and keeping security software up-to-date, although human error remains a factor that is much harder to eliminate. Joint industry-government partnerships, such as the Cyber-Security Information Sharing Partnership (CiSP), exist to share cyber threat and vulnerability information in order to increase overall situational awareness of threats and reduce the impact on UK businesses.
If we look outside of the UK, such as at Danish local councils, it is clear to see how partnerships are helping to co-create new systems with help from other government departments, citizens, and the private sector. These councils are moving a greater number of public services online, with a prime example including Vejle, Denmark where 86 per cent of citizens exclusively engage with local governments through online communications. This level of online engagement has been possible because Vejle excels in digital inclusion. This strategy from the government and its public, private and voluntary sector partners is designed to increase the number of people able to use and benefit from internet services – delivering tangible results.
Tackling the global cyber security challenge
While desirable from an efficiency perspective, a barrier to implementing a partnership model in the UK could be one of scale; Denmark is home to 5.6 million people, while many UK local councils have double that population within a single council. However, the UK could replicate a number of Danish citizen engagement projects, such as, “coding pirates” which begins teaching technology skills to young people. The voluntary participation between organisations in Denmark has proved successful, partially because everyone involved has a shared interest in the programme’s success and resources are shared nationally.
The UK government could certainly take the lessons learned by Vejle and increase regional communication and partnership to move towards a collaborative approach to problem solving. Today’s data threat landscape is one of constant change; local governments and public sectors must continually adapt to mitigate the increasing risks, such as mobile malware, which quadrupled in 2015 and has increased 50% since the beginning of 2016.
Using SIEM technology to deliver more than compliance
One of the misconceptions regarding SIEM, is that it is a tool purely used for compliance purposes. This, however, is simply not the case. In a climate of a widening IT skills shortage, IT professionals need to be able to use their time more effectively. SIEM can deliver against public sector and compliance burdens, but can also provide rapid diagnostics.
The data, which companies seek to protect on their networks, is being attacked because it has value. Turning this concept on its head, local governments and public sectors must look at this valuable data and determine how they can drive added value from it themselves. As cyber-crime has become more sophisticated over time, a collaborative approach to big data analytics is the way to take control of this changing landscape.
If UK councils are to learn from their Danish counterparts, then a simple-to-use SIEM tool may be the place to start. Combined with a collaborative approach to security and business operations, local government can leverage partnerships to ensure such technology delivers maximum value and implements learnings from other bodies. SIEM solutions are not only security focused, but will enable councils to broaden their use of technology to drive a greater ROI. Highly skilled staff will no longer need to spend time sifting through data to retrieve intelligence, they can utilise intelligence from other bodies – and the tools provided by a SIEM solution to make more sensible business decisions.