Share these talks and lectures with your colleagues
Invite colleaguesPractice paper
An overview of current issues and practice relating to local government cyber security in England and Wales
Cyber Security: A Peer-Reviewed Journal,
4
(4),
330-344
(2021)
Abstract
This paper explores some of the current issues around cyber security and resilience relating to local government in England and Wales, covering the period of the current National Cyber Security Programme from 2015 to 2020. The paper outlines the structure of cyber security and resilience and explains the linkages at a regional and devolved administration level in the case of Wales and UK national level. The paper introduces the concept of a cyber asset taxonomy to quantify cyber artefacts, to aid the early warning of organisations with particular type of equipment, systems and services. There is also discussion around a volunteer-led CyberShare Node/Fusion Cell structure to aid incident response in a cost-effective way. Finally, there is a description of current research which will result in future papers.
Keywords: local government; cyber security; cyber resilience; incident response; incident coordination; cyber asset taxonomy
The full article is available to subscribers to the journal.
Author's Biography
Mark Brett is a Chartered Manager and Chartered IT Professional. Mark is a Certified Cyber Professional (CCP) Lead Securities Industry Regulatory Authority (SIRA), having an outstanding track record as a senior manager and consultant in local and central government. He is actively engaged in the Local Government Cyber Resilience Programme with Ministry of Housing, Communities and Local Government (MHCLG). Mark worked for three years with the PSN Programme in Government Digital Services (GDS) Lead IA Adviser and PSN SOC/Security Manager. As lead security analyst in Ministry of Justice (MoJ) Digital, he developed an agile approach to information risk management and assurance, which he has implemented in MHCLG. Mark was chief information officer (CIO) of London Connects. As a deputy director in the London Resilience Team, he designed and implemented a PanLondon Emergency Management Extranet and was instrumental in setting up the WARP programme for Customer proprietary network information (CPNI). As information assurance adviser to the Local Government Association, he is the author of the Local Public Services Data Handling guidelines. He continues to lead the Local Government IA work as a special adviser to the local CIO Council and through the Local Government Cyber Security Stakeholder Group and the Local Government PSN Board. Mark is currently cyber technical adviser to MHCLG, working on the National Cyber Security Programme – Local. Mark’s work in the cyber and resilience world involves developing cyber resilience exercises and response capability training, which is being used within local resilience forums in England, and leading the Cyber Resilience Programme in Wales for the Welsh Government working with the four Welsh local resilience forums (LRFs). He has recently authored the emergency management exercise that is being run across the English local resilience forums. Mark is a Fellow of the Institute of Civil Protection and Emergency Management and a Member of the Emergency Planning Society. He is an honorary visiting fellow in cyber security at De Montfort University and lectures at Warwick and London Metropolitan universities. Mark completed a Doctoral Training Programme at De Montfort University.
