Teamwork solidifies South Ayrshire Council’s cyber defences

With a population of around 112,000 people, South Ayrshire is one of 32 council areas in Scotland. South Ayrshire Council ensures that services run smoothly throughout the region, keeping the business community working, the economy flowing and making life easier for people’s everyday lives. It’s also a major employer, with more than 5,000 staff. So it’s no surprise that the local authority makes cyber security a top priority. Reducing the risk of services being disrupted or confidential data being stolen or leaked externally is essential – just as in any other public sector body.

Providing value for money for taxpayers is obviously crucial too. So the Council chooses to work with a cyber security partner for the expertise and resources it doesn’t have in-house.

The relationship began four years ago when Quorum Cyber helped with consultancy work that proved central to transitioning the Council’s connection to the Public Service Network (PSN) away from the use of a segregated enclave toward an organisational security posture that met PSN security compliance requirements.

South Ayrshire Council recognised that a strong partnership with cyber security experts was necessary to make such a transformational change in the cyber security posture.

“We needed a partner to help plan what that should look like and to help with advice and decision making that our operational teams needed to move forward with the cyber resilience programme,” explains Anne Yeo, Senior ICT Security Analyst at South Ayrshire Council.

“It turned into a partnership that offered much more. As we began to implement security solutions we discovered that zero-trust networking would strengthen the security profile and improve our entire corporate network. Quorum Cyber was able to validate some of the plans that our zero-trust partner had set up. Quorum Cyber took on much more of an auditing role in that partnership, as well as providing core functionality for some of the cyber security we needed. Both of those things were instrumental to getting us to where we are now.”

Working together

This early work laid a solid foundation for the Council to prepare to take on a round-the-clock monitoring and detection service.

“We found that Quorum Cyber’s Managed SOC solution was in line with the partnership view compared to other cyber security providers,” says Anne. The Council benefits by working together with Quorum Cyber to improve things and by taking a team approach, rather than having an external company coming in, delivering a fixed service and then walking away.

The Council is now protected with 24/7 security via Quorum Cyber’s Microsoft Sentinel Managed Detection & Response service, which is run by its experienced Security Operations Centre (SOC) team in the UK. “This service has changed the way we think about security here,” says Anne. “Twenty-four hour monitoring provides a reassurance that is hugely popular and very much worth the investment.”

In parallel, the Council’s ICT Security Team has made real improvements in cyber security awareness across the Council’s service teams during the past four years. Like in any organisation, employees form the frontline of defence against cyber threats, so the staff’s knowledge and understanding of how to identify and react is really important.

Quorum Cyber has recently provided other services, including Incident Response playbooks, to help thoroughly prepare in the event of a security incident.

Extending the cyber security team

“We’ve really felt that Quorum Cyber is part of the cyber team and the wider team,” explains Anne. “They’re happy to quickly advise on small matters or simple questions as well as get involved in the larger, more complicated projects. And we’ve found the personal relationships most valuable.”

Quorum Cyber continues to work closely with the local authority to ensure that they widen their focus and mature their cyber security posture in line with an ever-changing threat landscape.