Cyber-attacks can disrupt the safety, operations and crucial services of UK public sector organisations, schools and colleges — from compromising people’s privacy to disrupting government departments.
Getting your Trinity Audio player ready...
null

The Information Commissioner's Office (ICO) reported 347 cyber-attacks on schools in 2023 — an increase of 55% from 20221. Britain's public sector was significantly impacted by more cyber-attacks in 2023 than in all previous years combined2.

Current cyber security threats: Phishing, ransomware and more

Cyber criminals seeking personal data phishing and ransomware opportunities are targeting well-funded schools and public sector organisations. Interconnected ecosystems in a modern healthcare system or an online training facility are their ideal targets because they provide multiple intrusion points.

Most prominent threats

Phishing and malware attacks

Phishing attacks remain a common threat, with 90% of businesses experiencing at least one attack every year. For higher education institutions, this figure is 100% (while 77% have experienced malware attacks)3.

Ransomware attacks

In 2023, the ICO reported that ransomware attacks have increased yearly since 20192.

State-sponsored attacks

In November 2023, the National Cyber Security Centre (NCSC) warned UK organisations, including critical infrastructure, of significant cyber threats due to the rise of state-sponsored cyber-attacks4. These well-orchestrated attacks can deploy sophisticated malware to compromise systems and networks, interrupting essential public services.

Government initiatives to safeguard organisations from cyber-attacks

NCSC guidelines

The NCSC provides essential guidance and resources to help organisations enhance their cyber security posture5. Key highlights of their guidance include:

  • Tailored advice on cyber security topics, including risk management, incident response and secure digital services.
  • Training programmes and resources to improve cyber security awareness and skills among public sector employees.
  • Cyber Essentials, a self-assessment certification where organisations evaluate their systems against specific criteria, and Cyber Essentials Plus — a more comprehensive technical audit.

Reporting an incident

Organisations affected by cyber-attacks can report their cyber incidents on the NCSC's dedicated website6. The process involves filling out a form with details about the incident, including how it started and its impact.

Best practices for enhancing cyber security

According to a recent report, building a risk-averse internal culture is the public sector's top digital transformation challenge7. Public sector entities typically have complex IT infrastructures comprising diverse systems and legacy technologies. An effective cyber security strategy for these institutions must have the following:

Regular cyber security risk assessment

Conducting regular cyber security risk assessments will help the public sector and educational institutions to:

  • Safeguard sensitive information and critical assets
  • Develop recommendations to mitigate these risks
  • Meet regulatory requirements such as GDPR
  • Keep their organisation's risk profile up to date when its networks and systems evolve
  • Avoid long-term costs and reputational damage by reducing data breaches

Cyber security awareness programmes and training

Every day, public sector organisations deal with personal or sensitive information. Therefore, employees need to undergo training on identifying phishing attempts, securely handling confidential data, and complying with internal security policies. Regular training can help organisations to:

  • Build a security culture where employees are the first defence against cyber threats
  • Mitigate the risk of a cyber security incident stemming from human error
  • Improve password practices, reducing the risk of unauthorised access to accounts and systems
  • Foster a culture of reporting security incidents

A robust incident response plan

Public sector organisations should have a well-defined plan for responding to and recovering from cyber-attacks and data breaches. An effective incident response plan can help these sectors to:

  • Detect and contain cyber threats
  • Gain deep insight into how and why the incident happened
  • Restore affected systems
  • Reduce lost revenue, regulatory fines and other costs

Leveraging artificial intelligence (AI) to improve security posture

75% of IT security professionals say they have seen an uptick in attacks over the past year, with 85% attributing the rise to bad actors using AI tools8. AI-enabled offensive tools can automate malware, execute highly targeted attacks, and intrude into the most carefully planned cyber defence.

Public sector organisations can embrace advanced AI tools to handle a growing onslaught of breaches and bridge the gap in qualified security resources. Some other helpful use cases could be:

  1. Detect and mitigate threats faster: AI-powered systems can accelerate threat detection and mitigation by monitoring data at scale and speed.
  2. Improve the incident response programme: AI-powered systems offer real-time insights and generate incident summaries to identify root causes. Their predictive capability also helps anticipating potential attack channels and refine cyber security strategies.
  3. Protect communication channels: AI-powered encryption systems can better safeguard sensitive data by dynamically adjusting encryption parameters based on network traffic, device type, and user behaviour.

Future trends in cyber security

Cyber security is rapidly evolving, making it difficult for public institutions to protect their attack surface. AI tools will become more mainstream to help organisations fortify their cyber defence and bridge the skills gap.

Emphasis on zero-trust architecture

A zero-trust approach is essential because the traditional network security model struggles to secure the modern IT ecosystem, including cloud environments, data centres, IoT devices and remote access for employees, vendors and business partners. Latest market report predicts that 75% of organisations will exclude unmanaged and legacy systems from their zero-trust strategies in the next two years9.

Protecting data with quantum encryption

Although in its early stages, quantum encryption has the potential to offer greater security than traditional encryption methods. Built on the laws of physics, it gives a suite of powerful advantages, such as unhackable key transmission, unaltered data and an alert system to make users aware of any unauthorised interception.

Tackling the growing cyber risk with knowledge and partnerships

The future of cyber security is shifting towards resilience rather than mere defence. The public sector and educational institutions should invest in their cyber security strategy to prevent attackers from intruding into their systems and accessing sensitive public data and critical information. Early adoption of AI tools, adequate training and adherence to government guidance can help them build better cyber security capabilities.

Over the years, Gallagher has worked with many public sector organisations to strengthen their cyber defences. Contact our team to find out how our cyber security specialists can support you.

How Gallagher can help

Gallagher works with publicly funded organisations of all sizes to help them manage and mitigate their cyber risk with insurance solutions and cyber risk management services.

To find out more, get in touch with us here.

Sources

1. “Data security incident trends,” ico. Accessed on 11 Sep 2024.

2. Martin, Alexander. "UK Hit by More Ransomware and Cyberattacks Last Year than Ever Before," The Record, 10 May 2024.

3. "Cyber Security Breaches Survey 2024," GOV.UK, 09 Apr 2024.

4. “NCSC Warns of Enduring and Significant Threat to UK's Critical Infrastructure," National Cyber Security Centre, 14 Nov 2023.

5. "Public sector," National Cyber Security Centre, Accessed on 11 Sep 2024.

6. “Report a Cyber Incident," National Cyber Security Centre, Accessed on 11 Sep 2024.

7. “KPMG global tech report: Government and public sector insights,” KPMG. Accessed on 11 Sep 2024.

8. "The State of Cybersecurity and Third-party Remote Access Risk,” SecureLink, Accessed on 11 Sep 2024. PDF.

9. "Gartner Unveils Top Eight Cybersecurity Predictions for 2024," Gartner. 18 Mar 2024.

Disclaimer

The sole purpose of this article is to provide guidance on the issues covered. This article is not intended to give legal advice, and, accordingly, it should not be relied upon. It should not be regarded as a comprehensive statement of the law and/or market practice in this area. We make no claims as to the completeness or accuracy of the information contained herein or in the links which were live at the date of publication. You should not act upon (or should refrain from acting upon) information in this publication without first seeking specific legal and/or specialist advice. Arthur J. Gallagher Insurance Brokers Limited accepts no liability for any inaccuracy, omission or mistake in this publication, nor will we be responsible for any loss which may be suffered as a result of any person relying on the information contained herein.

Stay connected with the company that’s connecting the dots with what’s happening in the industry and around the world
Related Articles