The meeting was scheduled to receive two reports on the performance of the Shared Technology Service (STS), a shared IT service used by the London Boroughs of Brent, Lewisham, and Southwark. The first report provided an update on the service's performance and projects, while the second, confidential report, provided an update on cyber security.

Shared Technology Service Update

The Shared Technology Service Update Report was included to provide an update on the performance of the STS and discuss a number of related projects.

The report pack included a breakdown of recent service level performance by incident and request priority. The report also detailed the volumes of tickets that have been raised with the service, and the categories that they relate to. The report also outlined recent improvements to on-site and telephone support.

The report pack included the following statement about the volume of Priority 3 (P3) incidents:

P3 incidents are far and away the most common type of incident as these will generally relate to issues experienced by individual users. The target SLA is to resolve 90% of P3 incidents within two working days.

A number of recent service improvements were included for discussion. These included a trial of removing the requirement for visitors to the on-site support team to log a support ticket before attending for support, as well as the implementation of a new system for automatically logging tickets raised via the telephone support line. A number of future improvements were also included for discussion, including the introduction of a reception/concierge service, and the use of an Interactive Voice Response (IVR) system for telephone support.

The report pack also included an update on a number of ongoing projects being delivered by the STS, including:

• The refresh of all laptops across the three councils
• Upgrades to the network infrastructure at Brent Civic Centre, Lewisham Laurence House and Southwark Tooley Street
• The migration of mobile phone services to O2
• Upgrades to the councils' Windows Server infrastructure

The report pack also included information about how the Shared Technology Service is governed, how risks are managed, and how the service is audited.

The report pack also included details about recent digital transformation projects that have taken place at the three councils.

Shared Technology Service Cyber Security Update Report

The Shared Technology Service Cyber Security Update report was included to provide an update on the cyber security status, threats and mitigations identified in relation to the STS. Because it is confidential, the report was scheduled to be discussed during a closed session of the meeting.

The report pack included an update on recent events and threats, and the mitigating actions that the STS had taken. The report pack also included an outline of future plans, including the development of a new Cyber Security Strategy for 2024-2026.

The report pack included the following quote about the way that the STS are working to protect against the unauthorised access and use of computers and data:

To protect against privilege escalation in the cloud and on-premise environment, STS had been working with CrowdStrike on their identity protection tool to understand the risk with accounts and the likelihood of exploit and the process to secure corporate identities.