There have been several reports over the past few years identifying the increasing incidence of cyber-attacks on local government.
There is cause for concern around ransom demands, data being encrypted and potentially stolen, and the affect this could have on your local government's ability to provide continuous core services. The common belief is that it is not a case of 'if' this may happen, but 'when'. It's therefore paramount to not only review your prevention strategies regularly, but to plan your response.
Your ability to implement a planned response quickly will go a long way towards:
- Limiting the negative impact on your information technology and other assets
- Minimising any adverse community or media reactions
- Enhancing community confidence and the overall success of your plan
The following is a brief summary of the main areas that you should consider when developing a data breach response plan:
- Response team – identify staff and potential vendors best placed to implement and drive a structured response
- Internal communications – detail how the response team will be invoked, and which areas and people within the local government need to be mobilised
- Detection and assessment – how you will detect and assess the level of the breach
- Contain the breach – the steps to cease or minimise any further interference
- External communications – prompt notification of any affected individuals or other entities, and consider which external agencies, regulators or media forums should be advised
- Review and improve – following a data breach, engage a formal process for reviewing the incident, the effectiveness of your plan, potential areas for improvement, and your overall prevention strategies
For further assistance in developing a data breach response plan, contact the LGIS risk and governance team on 94838888.