The Essex Digital Strategy includes both long term and short term plans for the council. The strategy outlines the specific actions, timelines and resources needed to implement the goals of this cyber security strategy.
Approach priorities
Our approach to cyber security is structured around three core priorities: defend, deter and develop.
Defend focuses on:
- reducing attack surface area
- active cyber defence through the Security Operations Centre and existing automated detection and response tools
- changing corporate behaviours through mandatory security training
- managing incidents and understanding the threat
Deter focuses on:
- enhancing current capabilities
- applying HM Government’s cyber security guidance – for example, National Cyber Security Centre (NCSC) Principles, Local Government Cyber Assessment Framework (LG CAF), Public Services Network (PSN) Code of Connection and NHS Security Data Protection Toolkit
Develop focuses on the continuous development of:
- the council’s cyber security strategy and delivery roadmap
- cyber governance frameworks
- cyber security policies and procedures
- security awareness and training program
- cyber risk management and controls framework
Critical success factors
The cyber security committee will perform a formal review and follow a regular update process to make sure that the council’s cyber security strategy and Essex Digital Strategy remain relevant and effective.
