5 April 2023
On Monday 20 March 2023, a cyber security incident training exercise was held for key SHG staff.
The tabletop exercise was organised by the IT Cyber Security and Emergency Planning teams. The Emergency Planning Directorate run regular exercises to test, adapt and improve SHG's emergency planning procedures.
This particular exercise focused on cyber security, and is part of the wider cyber security work underway ahead of the Island’s transition to fibre connectivity. This also includes ongoing training of SHG staff by internal and external cyber security experts, with wider training to be offered to the public and other Island organisations in due course.
The aim of the exercise was both to highlight the current cyber security status and to think ahead to the increased risk exposure that might result from fibre optic internet connectivity. The exercise saw all SHG portfolios represented and looked at a potential ransomware attack on the government.
It was framed utilising the National Institute of Standards and Technology (NIST) framework for cyber defence with three main objectives:
- To identify and discuss current cyber security vulnerabilities within SHG
- To increase the preparedness of all SHG Portfolios for a high-level cyber attack
- To increase awareness and understanding of what is critical data within SHG Portfolios
The learning and outputs from the exercise will be used to improve and adapt SHG’s overarching, and portfolio specific, cyber Incident Response Plans (IRPs).
Cyber-attacks pose serious risks to organisations, both public and private. SHG already has cyber defences in place, but with the upcoming move to fibre optic internet connectivity the government is taking steps to further bolster these.
The Cyber Security team has been working with experts from the UK Home Office to identify potential risks, threats and mitigations. This has seen three engagements, supported by the UK Home Office over the last 18 months, alongside some internal reorganisation within the SHG IT section to establish a dedicated team focused on cyber security. Business continuity plans are also being updated and additional investments are being made in IT infrastructure to bolster resilience.
Notes to Editor
Ransomware is a type of malware, used by cyber criminals, which encrypts data on users’ computers and ‘holds it hostage’, therefore making it inaccessible and unusable. A ransom payment is then demanded in order to release/decrypt the data.
In 2022 ransomware accounted for around 20% of all cyber crimes, and around 70% of companies worldwide were affected by this type of cyber attack, with a total of around £373.7m extorted from victims.