Decision Maker: Audit, Risk and Governance Committee
Decision status: Recommendations Approved
Is Key decision?: No
This report provides an overview of the
improvements in cyber security across the organisation and is
presented to this committee to provide a progress update requested
during the last meeting on 29 January 2024.
Cyber remains one the council’s most significant risks with
cyber-attacks across the public sector growing in frequency,
sophistication and impact. In July 2024 LCC fell victim to a
high-risk cyber-attack and this has led to even further
improvements to the security controls in place.
These newly introduced capabilities are helping to manage the
current level of cyber risk, outlined in the Corporate Risk and
Opportunity Register, and this has led to a reduction in the risk
rating from Red to Amber.
The council uses a Microsoft Secure Score to assess its security
posture. The score is currently 67% and improving every month,
compared to 48% for organisations of a similar size.
Recommendation
The Audit, Risk and Governance Committee is asked to consider and
comment on the progress to date.
(Not for Publication - Exempt information as defined in Paragraphs 3 and 7 of Part 1 of Schedule 12A to the Local Government Act, 1972. It is considered that in all the circumstances of the case the public interest in maintaining the exemption outweighs the public interest in disclosing the information.)
Carol Groom, Head of ICT Strategy and Assurance presented a private and confidential update on cyber security.
Resolved: That the report be noted.
Corporate Priorities : zFormerPriority_Delivering better services;
Divisions Affected: (All Divisions);
Contact: Carol Groom Email: carol.groom@lancashire.gov.uk Tel: 01772 531944.
Report author: Carol Groom
Date of decision: 27/01/2025
Decided at meeting: 27/01/2025 - Audit, Risk and Governance Committee
Accompanying Documents: