As the Premium Gold Sponsor at the Local Government Partnership Network’s (LGPN) event in the UK on 18th-19th November, Quorum Cyber had the perfect opportunity to share its latest insights into how best to use artificial intelligence (AI) and how to avoid its pitfalls.  

With the theme ‘Delivering tangible solutions for the public sector’, over 100 senior leaders and transformational suppliers from across the UK’s public sector came together at LGPN South 2025, held at Radisson Blu, Heathrow, to collaborate, share ideas and solutions, connect, and grow their networks. 

Quorum Cyber’s Principal Incident Response Consultant and Negotiator Mark-Cunningham Dickie, gave an eye-opening presentation on 18 November: ‘AI, Access, and the Cost of Complacency’.  

With over 20 years of experience helping companies develop cyber incident response plans to build their cyber resilience and responding to cyber incidents and cyber-attacks, Mark shared real examples from his time protecting organisations around the world from operational disruption and data theft.  

From minor incident to major crisis 

While AI undoubtedly offers huge potential to increase efficiency and productivity in local government, Mark warned about being complacent with this powerful and rapidly evolving technology. In his 20-minute talk, he stressed how small, seemingly harmless choices can snowball into multimillion pound crises.  

Mark gave the powerful example of a serious and urgent dilemma, which often takes place in real ransomware attacks: when an unknown cybercriminal demands an organisation to pay £12 million within 72 hours to stop them releasing a huge volume of confidential and sensitive data, do you pay?  

On one hand, you need to protect your residents and their data. On the other hand, you don’t want to encourage more crime in the future. And how do you know that the criminals will keep their word and delete all the data they’ve stolen? How do you know they have all the data they say they’ve obtained? What can you believe and who can you trust? 

The cost of resolving the numerous problems caused by sensitive data being made public can be enormous, even for the smallest public bodies.   

Mark explained how and why organisations need to consider the law, government regulations, demands from ministers and councillors, the uproar from residents and voters, insurers and the Information Commissioners Office (ICO). And that’s all before trying to stop the story running away from you and managing what the media says.  

All this is in addition to the technical challenges. Can your employees access your systems and databases? Can you keep essential services running?  

Your team is stressed and exhausted. And you have a matter of hours to decide what action to take.  

Mark reminded his audience that, soon, it will be against the law for local government bodies in the UK to pay ransom fees. But in the worst-case scenario of a malicious cyber-attack, IT systems still need to be recovered safely to get back to the business of serving the public.   

What’s the involvement of AI? 

With rising costs, shrinking budgets, increasing time pressures, and longer backlogs, AI can be seen as the silver bullet to solve a long list of challenges facing governments up and down the UK. 

Key takeaways to efficiently protect your organisation 

Mark emphasised that AI’s an extremely powerful tool that’s already being used for good and bad. Only this year, he’s seen cybercriminals use AI for: 

• Data extraction 

• Data poisoning 

• Physical-world adversarial attacks 

• Prompt injection 

• Model tampering / supply-chain attacks. 

While all this might seem daunting, Quorum Cyber applies tried-and-tested practices to prevent these malicious actions from happening, including: 

• Permissions: AI access needs to be segmented 

• Testing: who else is using the AI platform 

• Auditing: understand the access and permissions your AI platform has. 

Discover our services and how Quorum Cyber can help 

Explore our managed security services and incident response services to see how they would help protect your organisation? You might also be interested in our Cyber Resilience Assessment, which is designed to give you a deep understanding of your current cyber risk.  

Please get in touch to discuss any of these services or any of the points Mark covered in his presentation at LGPN South.