Business > Efficiency

Cyber attacks may spur regional plans to provide cyber support

David Bicknell Published 17 May 2017

Emerging idea for mutual cyber support from local organisations will require NCSC funding and backing from Whitehall


The worldwide cyber security issues that impacted the NHS over last weekend are set to foster public sector organisations working more closely together to support each other

The stark impact of the chaos that can be caused by cyber attacks may also embolden IT leaders across the public sector to argue for more financial resources to be able to cope with any future attacks.

One solution that is already being discussed is local public sector organisations - notably the NHS and councils - working together regionally to deal with cyber attacks.

The idea builds strongly on the 'place' concept being pursued by local IT and digital leaders group Socitm.

The group is understood to have been contacted already by one NHS organisation asking if it can provide short-term resources from one or more of its members to help the trust out.

The regional plan, which is still emerging, will require two things: financial support and strong Whitehall backing.

There is understood to be some sympathy from the National Cyber Security Centre (NCSC) for the thinking behind the plan. Campaigners hope to argue for NCSC funds to be made available for the 2018-19 financial year.

The plan will also require Whitehall to develop more 'local' or 'place' based thinking than it has so far been able to muster for local digital transformation. Supporters of the plan say Whitehall continues to forget that 60% of public services are actually delivered locally.

Neha Ralhan, a senior analyst for GlobalData Public Sector specialising in healthcare, said taking a regional approach to security was in line with the NHS mandated Sustainability and Transformation Plans (STPs).

“A collaborative approach to cyber security is a natural extension of the links that already exist between the NHS and social care (which is under the jurisdiction of local authorities) and it can be augured should already be in place,” she said. “By expanding a place-based approach to ICT, less digitally mature sites would benefit from partnerships with more advanced organisations and financial pressures felt by the NHS and local authorities may be alleviated by reaching economies of scale through place based commissioning.”

With local government likely to be heavily involved in the regional cyber 'task forces', the logical Whitehall department to oversee the plan is the Department for Communities and Local Government (DCLG).

But the perception of DCLG among some in local government is that in 'clout' terms, it is a 'weak' department. For that reason, some might prefer to have the support of the Cabinet Office for any regional cyber plan.

Some stakeholders argue there is already a good coordinated regional network across the Warning, Advice and Reporting Points (WARPs) which links into the Local CIO Council group and the Socitm regions that have strong links to NHS Digital, the CareCert programme and NCSC/CESG and Cabinet Office.

Meanwhile, other public sector groups are taking stock after last weekend’s events. For example, BCS, the Chartered Institute for IT, will be discussing its response to the cyber attack this week. Its director for Community & Policy, David Evans, has already been thinking about ransomware affecting schools.

He said, “Sadly, ransomware attacks are not new, but the attack last Friday was the first of its type in that it was indiscriminate in its targets. We know that these health and care sectors in the UK were badly hit, but so were car manufacturers, distribution companies and the German railways to name just a few. These are just the ones that we all know of.

“It is unlikely therefore to expect that schools would be exempt from this type of attack. As is often the case, no-one likes to report the fact that they have been the victim of a successful attack, not least because it highlights a vulnerability in their systems.

“There are some basic steps that all schools should be taking, and continue to take to minimise the risk to their systems. There are some good resources specifically for schools on the NEN website.   Other good sources of advice can be found at

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.