Share these talks and lectures with your colleagues
Invite colleaguesPractice paper
Cyber incident response approach framework for local government
Cyber Security: A Peer-Reviewed Journal,
3
(4),
339-350
(2020)
Abstract
This paper provides an overview and executive summary of the Cyber Incident Response Framework (CIRF) and supporting materials; it is a ‘start here’ guide. The CIAF can be adapted to different types of organisation. It contains information on specific public sector/UK Government aspects relating to the Civil Contingencies Act and local resilience forums (LRF); again, these aspects can be adapted for organisations not covered by those legal and regulatory requirements.1 All UK organisations are covered by the National Cyber Security Centre (NCSC) remit; however, its intervention outside of the government/public sector would only be in time of national emergency. Other cyber incidents and cybercrime are covered by action fraud and local policing supported by the Regional Organised and Cyber Crime Units (ROCCU).
Keywords: cyber resilience; incident response; local government
The full article is available to subscribers to the journal.
Author's Biography
Mark Brett is a chartered manager and chartered IT professional. He is a CCP Lead SIRA, having an outstanding track record as a senior manager and consultant in local and central government. Mark is actively engaged in the Local Government Cyber Resilience Programme with the Ministry of Housing, Communities & Local Government (MHCLG). Mark worked for three years with the PSN Programme in GDS Lead IA Adviser and PSN SOC/Security Manager. As lead security analyst in MOJ Digital, Mark developed an agile approach to information risk management and assurance, which he has implemented in MHCLG. Mark was CIO of London Connects. As a deputy director in the London Resilience Team, he designed and implemented a pan-London emergency management extranet and was instrumental in setting up the Warning, Advice and Reporting Point (WARP) programme for CPNI. While information assurance adviser to the Local Government Association, he is the author of the Local Public Services Data Handling Guidelines. He continues to lead the local government IA work as a special adviser to the Local CIO Council and through the Local Government Cyber Security Stakeholder Group and the Local Government PSN Board. Mark is currently cyber technical adviser to MHCLG, working on the National Cyber Security Programme – Local. Mark’s work in the cyber and resilience world involves developing cyber resilience exercises and response capability training that is being used within local resilience forums (LRF) in England, and leading the cyber resilience programme in Wales for the Welsh Government, working with the four Welsh LRFs. He has also recently authored the emergency management exercise that is being run across the English LRFs. Mark is a fellow of the Institute of Civil Protection and Emergency Management and a member of the Emergency Planning Society. He is an honorary visiting fellow in cyber security at De Montfort University, where he completed his doctoral training programme, and lectures at Warwick and London Metropolitan universities.
Joshua Wood is a business management graduate from Liverpool John Moores University, who has recently moved into the cyber security industry. He is currently studying a cyber security BSc part-time while working in industry. Joshua is a faculty member in the Arts Science and Technology department at Wrexham Glyndwr University. His research interests include cyber security risk management, strategy and intelligence, policing cyber threat and information assurance.
Jamie Parker Jamie David Parker is a student and researcher studying cyber security, aspiring to become a professional in the field of information technology and security. As an apprentice with hands-on experience in the day-to-day security environment, he specialises in the research and analysis of threats and the production and development of multiple security-related technologies.
