The CISOs of Local Authorities Create a Sharing Network
Author: John Charles
Hello everyone! In this blog post, I will share with you some insights on how the CISOs (Chief Information Security Officers) of local authorities have created a sharing network to improve their cybersecurity posture and resilience.
What are CISOs and why are they important?
A CISO is a senior-level executive within an organization responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected. CISOs play a crucial role in managing cyber risks and ensuring compliance with relevant laws and regulations. They also oversee the implementation of security policies, procedures, standards, tools and best practices.
CISOs are especially important for local authorities (such as towns, cities, departments or regions) that provide essential public services to citizens and businesses. Local authorities handle sensitive data such as personal information, health records, tax payments or voting results. They also rely on critical infrastructure such as water supply systems or traffic lights that could be disrupted by cyberattacks.
Unfortunately, local authorities are often targeted by cybercriminals who seek to extort money or cause damage by launching ransomware attacks. Ransomware is a type of malware that encrypts data on infected devices or networks and demands payment for decryption. According to Computer Forensics World, 4,000 ransomware attacks have been reported every day since 2016. In 2021 alone, state and local governments were exposed to ransomware that impacted more than 70 million people.
How do CISOs of local authorities create a sharing network?
To cope with these challenges, CISOs of local authorities have created a sharing network with the support of Anssi (the French National Cybersecurity Agency). This network aims to be “a place for sharing information, good practices and experience” among its members.
The network now includes around 100 members from different walks of life spread over the whole territory. Admissions are by cooptation and exclude solution providers. The network has a coordination committee made up of about ten people.
The main benefits of this network are:
– Sharing IOC (Indicia of Compromise) reports to improve incident response
– Sharing advice on backup and computer hygiene
– Sharing feedback on security solutions
– Sharing awareness campaigns
– Sharing regulatory updates
By creating this network, CISOs of local authorities hope to show a common front against cyber threats and improve their negotiation power with security vendors who sometimes offer non-compliant products.
Conclusion
In conclusion, CISOs of local authorities have created a sharing network to enhance their cybersecurity capabilities and collaboration. This initiative is essential in this period of high cyber intensity around local authorities who face increasing risks from ransomware attacks. By joining forces, they can better protect their data assets,infrastructure and public services.
