Protecting local digital services from cybersecurity threats

Emma Clement, Senior Consultant, Urban Foresight
23 July 2021

You’ve likely heard the term “cyber threat” in the media, but what exactly are these cyber threats? 

A cyber threat is a malicious action or event facilitated by a vulnerability that seeks to damage data, steal data, or disrupt digital life in general. Cyber-attacks include threats like computer viruses, malware, phishing, password attacks, data breaches, and Denial of Service (DoS) attacks.  

The threat of cybersecurity incidents has been causing increasing concern for Councils and their citizens. Cyber-attacks have the potential to disrupt the use of digital tools and the delivery of services. 

Worries about the potential damage of these incidents and the reputation of those that use affected tools can deter organisations from adopting digital tools. 

These concerns are as present in Local Authorities as anywhere else. Newcastle City Council are proactive in overcoming them. 

How the Council is protecting itself 

The Council has been developing a relationship with the National Cyber Security Centre (NCSC), which is part of the Government Communications Headquarters, the UK Government’s intelligence and security organisation. 

Since 2019, NCSC has been developing their understanding of the challenges, opportunities and narratives that guide local authorities and their partners when navigating cybersecurity. 

They engaged early with Newcastle to learn about their practices and experiences. The Council’s on-the-ground insight supported NCSC to design a set of Cyber Security Principles

These principles highlight the key considerations that Councils and their delivery partners need to take when developing and operating their smart city, or Connected Place, architecture. 

The principles are split into three sections: 

  1. Understanding your connected place 
  2. Designing your connected place 
  3. Managing your connected place 

“The Connected Places Cyber Security Principles highlight the key security issues that are likely to arise throughout the lifecycle of a connected place and give guidance on the considerations necessary to mitigate against and resolve them where they arise,” said David from NCSC.

“We are pleased to see the Council’s work to embed the Principles, and we are working with them to weave the Principles into their standard practices, so they can take an informed approach to managing the cybersecurity of their connected place – allowing the benefits of these technologies and environments to be realised without compromising security.” 

Moving Forward 

The Council will use these principles to guide decision making on digital maintenance, design, development, procurement and partnerships. 

NCSC are on-hand to support the Council with any questions or concerns regarding cybersecurity.  

They hosted a virtual workshop with Council staff from different service areas and key delivery partners. NCSC presented the Cyber Security Principles and raised awareness of their support. 

“Newcastle is recognised as a smart city – we use technology and data to improve services, make decisions and engage citizens.  But it’s really important that we do this in a way that is safe and secure.  The Connected Places Principles are a helpful way of identifying and understanding risk and ensuring that we’re demonstrating best practice”  

Jenny Nelson, the Digital Newcastle Programme Manager at the Council