Councils urged to take ownership of their cyber security strategy

To tackle cyber attacks effectively and protect vital public services, councils should look to their public sector peers and beyond the Government’s planned £1.9bn investment in cyber security, concludes a new research briefing by Socitm.

Responding to the Government’s newly-published National Cyber Security Strategy 2016-2021, the briefing emphasises why councils must take responsibility for their own cyber security, despite Government’s proposed spending and its new National Cyber Security Centre (NCSC).

The briefing, released this month, says of the Government investment that while ‘the sums of money appear large, so too is the scope of the ongoing cyber-related activities that are required’.


Seed money

In the briefing, Socitm Head of Research Dr Andy Hopkirk reminds councils: “This is only ‘seed money’ when seen in that light, and does not reflect the financial investment that must be made by individual organisations.”

The main tenets of the Government’s cyber strategy are also explored in the briefing, along with a breakdown of the £1.9bn investment, following questions by Socitm President, Geoff Connell, raised at the December Local Government Cyber Summit.

The priorities reported at that Summit, and detailed in the briefing, include £600m for ‘reinforcing’ the National Cyber Security Centre (NCSC), with the remaining £1.3bn assigned to ‘strategy delivery’.

And while that strategy is likely to be directed towards central Government departments, there is room to influence it to the advantage of local public services, says Connell.

Reflecting on the Summit and the subsequent Socitm briefing, he said: “Cyber security is more important than ever for local government service delivery, given digital delivery models, increased threat levels, partnership working and our responsibility to help our citizens and local businesses live and trade in an increasingly online world.

“I am therefore pleased to be working with the NCSC representing Socitm members to help shape and target the £1.9bn investments.

“While we are unlikely to see much if any of this budget spent directly on local public sector needs, we are working to ensure that as much of the content and services developed by the NCSC is applicable and re-useable at a local level.”



The briefing offers guidance to local public sector organisations on the next steps they can take in developing their own cyber security strategy.

It points to Socitm’s cyber guide, available at, and urges senior executives and policy makers to join the Manchester leg of the Local Cyber Security Summit, part of the National Cyber Security Programme, on Tuesday 7 February.


Related reading