3rd March 2017
Just when we thought it was going so well…
In a recent Solace blog about cyber resilience, I implored colleagues to implement a small exercise at a meeting of their management team. As I’m not the sort of chap who would suggest trying something if I wasn’t prepared to do so myself, I recently did just that. I’m not sure about an ‘Oscar’, but Ann Carey, Head of ICT, certainly played the part incredibly well, with a somber expression and serious demeanour easily convincing colleagues that we had a serious issue.
The following text is by Nicole Rickard, Head of Communities, and explains how she felt as the exercise unfolded. If anyone wants their staff to contact Nicole or Ann, their details are at the end of the blog.
“ … we have a suspected cyber-attack in progress and all ICT systems are now being shut down… likely to be unavailable for at least a week … a virus is believed to have been introduced via an email attachment …”
The words of Ann, the Head of ICT, are met with absolute silence and shocked faces – while she continues to give more details on the attack and what ICT are doing to respond to it, I can see similar thoughts going through my colleagues minds as they try and assess the impact of a total loss of ICT on their services.
– Was it me or one of my staff that opened that email?
– Where is my Business Continuity plan, do my teams know what they should be doing?
– Better start contacting our partners to let them know, check the diary, sort out cancellations and rescheduling…
– … Oh, all my contacts and diary are on corporate systems that aren’t available.
Ann continues, “…systems will be out for days… phones not affected… but no email, financial systems, or access to service systems…” A colleague, his face now quite pale, immediately starts to text his front line staff – but should he be doing so, I wonder? With my plans and expectations for the rest of week rapidly changing and being replaced by uncertainty, dealing with anxious staff, councillors and customers, failed KPI’s and visions of some very long days ahead, I eventually hear the words…
“This is an exercise, I repeat, this is an exercise. However it could so easily have been for real, so what have we learnt?”
An intense and useful discussion then follows around those issues that gave us the worst sinking feeling – managing the media & members, key decisions about planned events such as a local election, council meetings etc., coordinating actions across services, defining lead roles and continuing with critical service delivery without ICT – we all realised that our dependency on ICT is so ingrained that at times it is almost impossible to consider how any organisation would survive a prolonged loss of ICT. Working together we then identified possible gaps in our response
to a cyber incident and what we can do now to both help improve our resilience and increase our chances of managing our way through and emerging on the other side relatively unscathed. In particular, this made us focus on what service areas would need to take priority, and the importance of an effective approach to communications
across the board made all the more difficult without key ICT systems to use.
So, after a horrible sinking feeling in the pit of my stomach, through the intense sense of relief that it was an exercise, to the realisation that such an incident has far-reaching impact and consequences. A lot of food for thought!
Nicole Rickard – Head of Communities: firstname.lastname@example.org
Ann Carey – Head of ICT: email@example.com
Stephen Baker, Chief Executive of Suffolk Coastal and Waveney Councils, and Solace Spokesperson on Civil Resilience and Community Safety