On 14^th  January, Emma Velle, Public Sector Business Consultant at Quorum Cyber, led the session ‘Going Beyond Compliance’, alongside panellists: Darren Chapman, Principal Security Consultant; James Allman-Talbot, Head of Incident Response and Threat Intelligence; and Leon Butler, Head of Data Security. During the session, our experts delved into the critical importance of leveraging strategic frameworks and standards to enhance cyber security resilience. They shared valuable insights and actionable advice that can help local authorities and other organisations not only meet compliance requirements but also build a robust cyber security posture.

If you missed this insightful session, don’t worry! You can access the recording on demand. In the meantime, here are some key highlights and takeaways from our discussion.

Top insights

During the discussion, Darren Chapman emphasised the importance of cyber security frameworks like the Cyber Assessment Framework (CAF). He highlighted that while prevention is crucial, building resilience through effective response strategies is equally vital. The CAF, with its focus on resilience and indicators of good practice, offers a comprehensive method for measuring and enhancing cyber security.

James Allman-Talbot discussed the rise in denial-of-service and ransomware attacks targeting local governments. He stressed the importance of threat intelligence in prioritising defences, explaining that understanding who is targeting them and why helps local authorities allocate resources more effectively. James also emphasised the inevitability of cyber incidents and the need for robust incident response plans.

Leon Butler focused on data governance and the transformative potential of artificial intelligence (AI) in local government operations and service delivery. He advised that understanding and classifying data is key to effective management. By identifying sensitive data and implementing controls, local authorities can safely use AI tools like Microsoft Copilot. Leon also stressed involving business stakeholders in the cyber security journey to align data protection with operational needs.

Five key takeaways

1. Resilience over prevention: While prevention is important, resilience – through effective incident response and recovery – is crucial.
2. Threat intelligence: Prioritise defences based on threat intelligence to focus resources on the most significant risks.
3. Data governance: Understand and classify data to protect sensitive information and leverage new technologies safely.
4. Holistic approach: Cyber security must be integrated into the entire organisational structure, not just within IT.
5. Continuous improvement: Cyber security is an ongoing process that requires continuous evaluation and adaptation.

What’s next for local authorities?

Leaning on a managed security provider allows local organisations to focus on their transformative projects, while keeping their communities secure. As a Microsoft Solutions Partner for Security, with 400+ experts, Quorum Cyber is perfectly placed to help defend local and regional government bodies from harm. We already defend customers across the public sector, including Devon County Council, Renfrewshire Council, and South Ayrshire Council.

To begin with, our Cyber Resilience Assessment is designed to give you a solid understanding of your current exposure to cyber risk. Contact a member of our team at [email protected] to get an assessment booked in or to continue the discussion.