An area authorities cyber safety group is exploring different assurance processes to switch these used inside the Public Providers Community (PSN).

Geoff Connell, chair of the nationwide Cyber ​​Technical Advisory Group (CTAG) and director of knowledge administration and expertise at Norfolk County Council, instructed UKAuthority’s Resilience and Cyber4Good convention yesterday that’s how completely different approaches may enhance the safety assurance that has include utilizing the PSN.

The community is because of be closed subsequent yr with the Authorities Digital Service having indicated in 2017 that there at the moment are safe routes for communication by way of the web – though a query round this was raised by the publication of a procurement discover in August.

“Will probably be safer however does imply we might be dropping one thing that has been painfully carried out however fairly useful, that’s unbiased assurance round PSN,” Connell stated.

“It is essential as a result of the completely different public sector organizations, rightly or wrongly imagine they will belief one another to share data. It implies that once we work together we will work together with a lot of bits of central authorities and completely different businesses we’ve got a tick that claims we’ve got a PSN assurance accreditation.

“We want to consider how we change that.”

CAF potential

He indicated {that a} native authorities model of the Cyber ​​Evaluation Framework (CAF), at present being explored by the Native Digital group within the Division for Leveling Up, Housing and Communities, may play an essential position.

Norfolk County Council has been concerned in one of many pilot tasks, and Connell stated the expertise had been encouraging. It offers with the problems of safety, privateness and belief that are at present largely coated by PSN accreditation.

“It is a lot broader that what we have accomplished on PSN,” he stated. “It actually does take a look at the chance administration and governance facet of issues.

“So it does look good and should you speak to NCSC (Nationwide Cyber ​​Safety Centre) and take a look at the federal government technique it’s the route of journey.”

He stated there’s additionally scope for the NHS to undertake the same mannequin, and that for each that and native authorities a CAF may present consistency in going by way of an assurance course of as soon as to cowl a variety of necessities.

Cyber ​​Necessities different

Connell added that CTAG can be a substitute for the NCSC’s Cyber ​​Necessities Plus framework, saying it’s extra acceptable for the non-public sector than native authorities, and the potential of regional or a nationwide safety operations middle as a useful resource for councils.

“It is too costly for a single native authority however there’s a chance if we work collectively,” he stated of the latter.


Subscribe Us to receive our latest news in your inbox!

We don’t spam! Read our privacy policy for more info.


Please enter your comment!
Please enter your name here