Purpose

In January 2024, the council
experienced a cyber security incident which led to the
precautionary measure to temporarily suspend access to a number of
the council’s online systems. Although an investigation into
the incident determined that there was no evidence that customer
data had been compromised, and the council’s systems were
quickly restored, the potential consequences of a cyber attack
could be far reaching.
 
With the drive to provide more
efficient and resilient services to residents, more of our service
delivery is moving online, placing greater reliance on technology.
This in turn places more risk on the potential impact of cyber
attacks. It is therefore vital that the council corporately
recognises this level of risk and takes appropriate levels of
mitigation. 
 
As a consequence, cyber
security is currently one of the highest scoring risks on the
Corporate Risk Register.
 
The Council Leader has
therefore called for a new Cyber Security Cabinet Advisory Group to
be created.
 

Decision

To create a Cyber Security Cabinet
Advisory Group in line with the terms of reference and membership
set out in Annex 1 to the report;

 
2. 
That the meetings will be held in closed session to allow full and
frank discussions surrounding the council’s security
vulnerabilities which would generate a risk from disclosing
publicly.