Working with your elected members will be a vital part of your response to a cyber incident.
Why engagement matters
Members are likely to be under lots of pressure from residents seeking reassurance on service impacts, continuity, recovery of services, and data safety. By engaging early and supporting them in their role as community representatives you will be able to equip them to help you achieve the swiftest and safest recovery possible.
Involving members in the communications cycle
With the likelihood of significant public and media interest following a cyber incident, you are likely to be asked to provide updates and briefings over and above normal meeting cycles and other regular updates that you already provide (for example briefings to portfolio leads). This is important, but you will also need to ensure that you protect the focus of your teams who are responding to the incident.
Ideally you should use your emergency planning arrangements to find a rhythm that works for members and sustains the space for officers to coordinate the response and business continuity.
Expect your members to be asked to respond to media coverage and make sure that you consider this alongside your communications strategy. You will need to make sure that you explain the continued risks posed by the threat actors (and other potential threat actors), as well as the need for coordination with your insurers.
Using members’ skills
Some members may be more expert in the technical aspects of cyber threats. Consider how you can keep them briefed and the role they could take in reassuring other members (for example, taking a lead role for receiving briefings).
Impacts on support for members and governance processes
Member casework is also likely to be impacted, with increased levels of contact from residents if your services are severely affected. Preparing for this and monitoring casework to ensure responses are being managed effectively will help to sustain member confidence in the response and recovery work.
Even in an emergency it is vital to maintain safe and legal member governance, and you are likely to need to make decisions outside of normal governance processes. Work with your democratic services and governance teams to ensure that you have clear lines of reporting and accountability (for example, clear powers of delegation, reporting to Audit Committee, Scrutiny etc).
You may also be asked to support briefings for local Members of Parliament, as they will also be receiving contact from local residents and businesses. Plan for this proactively and make sure that you have the right contacts and update rhythms in place from early on in your response to the incident.
Our guidance below is set out to reflect the distinct roles of your political administration and frontline members, helping you to make sure that your plans respond to their different needs.
Your key strategic actions
(Note: these are a strategic guide, not an exhaustive list of every action you should take.)
To ensure that you work effectively with elected members as you manage the response and recovery:
- Do not overlook the important role that members play as representatives of your local communities. Support and equip members by providing clear, timely information. Sharing this Cyber Grab Bag to help them understand the wide range of actions that are being taking and how they should expect to be engaged and updated through the recovery process.
- Maintain officer focus by using your emergency planning arrangements to establish a sustainable communications rhythm that works for members, while protecting the focus of your officer teams coordinating the response.
- Explain complexities and risks. Ensure members are aware of the specific complexities of the cyber incident response, the continued risks posed by threat actors, and the necessary coordination with insurers.
- Maintain governance and accountability. Work with democratic services to ensure safe and legal member governance is maintained. This includes clear lines of reporting, accountability, and authorization processes for required decisions (for example, delegated spend thresholds).
- Prepare for and monitor the expected increase in member casework due to affected services, working with your member casework team to ensure responses are managed effectively to sustain member confidence.
- Provide oversight opportunities by planning for briefings and updates to Audit Committee and / or Scrutiny to ensure proper member oversight is in place. Consider use of closed sessions to share more detailed updates while reducing the risk of disclosing sensitive information that might compromise your response and recovery.
Key contacts
- Your organisation’s leader of elected members
- Your organisation’s deputy leader of elected members
- Your organisation’s senior leader responsible for crisis communication
- Your organisation’s senior leader’s deputy responsible for crisis communication