This is the LIVE version as of 5 July 2017
New in this version
Socitm is a founding member of the Local Government Cybersecurity Stakeholder Group , facilitated by the Local Government Association, which also involves Solace, ADASS and the National Cyber Security Centre. The group’s most recent meeting discussed how to improve responses to incidents, with building regional capacity seen as one way to achieve this.
Socitm blog post on security for Solace: http://www.solace.org.uk/knowledge/articles/2017-06-23-cybersecurity-fight-needs-everyone-to-volunteer/
Socitm is also a founding member of the Local Government Cybersecurity Technical Reference Group run by the NCSC.
The NCSC’s Active Cyber Defence (ACD) programme has announced four “simple and free” measures to improve basic cyber security: “None of them require additional money to implement. Nor are they overly technically complex to implement.”
Protected DNS is a domain name server filtering service that blocks traffic to/from known malicious addresses
DMARC (domain-based message authentication, reporting and conformance) is an email authentication, policy, and reporting protocol which makes successful email spoofing and spear-phishing attacks much harder for those of malicious intent.
Web Check scans the websites of public bodies looking for common vulnerabilities and returns an easy-to-understand report with risk mitigation advice. NCSC comments, “As we prepare for formal launch a big focus is on signing up local government customers because our pilots have shown them to be the most likely immediate beneficiaries.”
Phishing and malware mitigation - the NCSC has been working with Netcraft, a private sector company, on a phishing and malware countermeasures service to protect the UK, including government brands. This is a protection from which government departments benefit automatically without having to do anything.
The Netcraft service is being expanded over the coming months to cover deceptive domains and malware apparently delivered by government. See the NCSC webpage for more about this service and how to help it do its job well.
Other recent activity
National strategic assessment of serious and organised crime 2017 , National Crime Agency (NCA), p.25-27 cover the NCA's cyber crime Assessment of Threat and Key Judgements
The Information Commissioner's Office (ICO) has released the results of its Local Government Information Governance Survey 2016 of governance of data protection and freedom of information
If this is your first visit to the guide , we strongly recommend About/Guide Structure for an overview and how to use the guide.
Some guide content is for Socitm Insight consumers only. Access to Socitm Insight materials is automatically granted to those who are Insight subscribers directly or via Socitm Corporate membership.
Please send feedback/comments to firstname.lastname@example.org
Archive: most recent new additions first
Ransomware Events Notice - The National Cyber Security Centre (NCSC) guidance is at https://www.ncsc.gov.uk/guidance/ransomware-latest-ncsc-guidance
Your local members of the Cyber Security Information Sharing Partnership (CiSP) and (Warning, Advice and Reporting Point) local/regional WARP networks may have other information to share.