A major London local authority needed help rebuilding their cyber security capability in the aftermath of a serious ransomware attack.

• Develop an understanding of the cultural and operational background regarding security directly prior to the attack.
• Identify key areas of risk within the organisation.
• Develop security policies and procedures as part of rebuilding the organisation’s security assurance capability.

The first step was to conduct a user-research investigation into the corporate culture around Cyber Security.

Next, a number of key security processes were identified and developed to help provide security assurance. This included vulnerability management, cloud security, privileged account management, and backup and restoration management.

As part of the work, a security team was developed, creating operational linkages to IT and Information Security. Work included setting up and running cross-functional working group team meetings to address on-going security issues.

A security governance forum was developed for the discussion and resolution of security issues across all technical and Info-Sec teams in the council.

• Implemented key areas of security assurance roadmap
• Built cross-functional teams between the Cyber team and Information Security, IT operational units
• Matured Vulnerability Management capability
• Ongoing Cyber Security governance process established

• cyber security
• Data Governance
• IT Operations Design (Policies and Procedures)

• Government and Public Services
• Technology