Figure 2: Example of service impact
Imagine, your service experiences a prolonged system outage in its IT infrastructure following a ransomware attack, affecting access to critical applications such as the employee self–service portal and document management system.
This outage leads to disruptions in various services, including delays in processing employee requests, handling procurement approvals, and accessing important documents. The service interruption results in frustration among employees and stakeholders who rely on these services for their daily tasks.
Things to consider:
- Which critical services operated by your team rely on internet access?
- Which of these critical services is prioritised to be brought back online first?
- Have you created offline records and plans for use during a cyber attack and ensured all authorised personnel have access to them?
Figure 3: Example of financial impact
Imagine, your service, adhering to a strict no–ransom policy, decides not to pay the attackers.
Despite this, your service now faces significant financial consequences in the aftermath of the attack. Costs are incurred for engaging cyber security experts to assess and contain the breach, invest in system restoration efforts, and implement enhanced security measures to prevent future incidents.
It has not been possible to pay suppliers or collect payments owed to the council during this time, creating cash flow issues for the council and its partners.
Things to consider:
- How prepared are you and your team for an incident like this?
- To what extent would you and your team have financial resilience and contingency plans in place to address the unexpected costs associated with a cyber attack?
- How would you communicate with suppliers and partners about this incident and delays to payments? What if email was unavailable during this time?
Figure 4: Example of data impact
Imagine, a data breach occurs in the Human Resources database, exposing sensitive employee information such as National Insurance numbers, bank account details, and performance reviews.
This breach not only jeopardises the privacy and trust of employees but also exposes the council to potential legal consequences.
Things to consider:
- How effective is your team’s existing data security and protection measures in preventing the cyber attack, and what improvements can be made to enhance the overall security posture?
- How well would your team execute its incident response plan, including communication strategies, in the immediate aftermath of the data breach?
- Does your team know the steps they would need to take to comply with data privacy regulations and notification procedures in the wake of the data breach, and what potential legal and reputational consequences may arise?