About usPower of DataOur Future WorkforceFuture of DefenceTalent Economy
Opportunities in STEMIndustrial strategyBusiness TravelResponsible BusinessRetail & E-Commerce
Artificial IntelligenceRenewable FuturesTaxFintechCybersecurity & Cloud Computing
PropertySmart CitiesProject managementEducationAerospace
Future of TaxCareers in Tech & EngineeringFuture of workSupporting SMEsSport
Business ResilienceNational Inclusion WeekEmployee WellbeingSTEMFinance
Entrepreneurs & SMEsGaming & EsportsClient survey
Home » Power of Data » Cybersecurity threats, incidents and how to deal with them
Power of Data 2025

Cybersecurity threats, incidents and how to deal with them

David Ogden

Director of Engagement, Socitm (The Society for Innovation, Technology and Modernisation)

    In today’s digitally dependent world, cybersecurity is no longer just an IT issue — it’s everyone’s responsibility.

    With local authorities increasingly reliant on online services, the threat of data breaches, fraud and disruption is ever-present. From phishing scams to system vulnerabilities, practical advice can help public sector staff stay alert, reduce risk and build resilience.

    Cybersecurity: practical guidance for public sector staff

    Cybersecurity is a daily concern for local authorities, as public services rely on digital platforms. The risk of data breaches, fraud and service disruption is growing — making awareness, preparedness and resilience essential across every role in the public sector.

    Cyber threats range from phishing and ransomware to internal user errors or malicious activity. These incidents can compromise sensitive data, disrupt operations and damage staff morale. Legacy applications, weak passwords, hybrid IT systems and third-party supply chains increase risk. Inconsistent approaches to cybersecurity across authorities leave gaps in protection. Cyber-attacks continue to increase, led by criminals seeking to steal data for financial gain.

    A 360-degree cybersecurity approach

    All staff must understand their responsibilities when handling personal information. Practical steps include using passkeys and strong passwords, encrypting data in transit and at rest, securing remote access and following clear data handling policies. Regular training helps build a ‘cyber aware’ culture that improves resilience. A ‘Think before you click’ culture is a simple, effective step.

    Senior leaders, HR, finance, procurement and social care professionals need to go further. Organisations need to maintain information asset registers, have up-to-date network diagrams and conduct information risk assessments as part of a robust information assurance process. Organisations need to exercise their cyber response plans and learn from them.

    Organisations need effective
    communications during an incident.

    Communication is key

    Agreeing and documenting the organisation’s critical systems and the order in which they are recovered is essential. Organisations need effective communications during an incident, both internally with their own staff and externally with stakeholders and suppliers. Staff welfare during an incident is also very important.

    Free resources to help you

    Socitm promotes transformation through collaboration. The Cyber@Socitm website is a good example. Through joining a regional WARP (Warning, Advice and Reporting Point), the Socitm Cyber Technical Advisory Group (CTAG) brings together local and central public services to discuss and learn about cyber collaboration. Ultimately, strong governance, shared knowledge, collaboration and proactive staff training help local public services stay safe, resilient and trusted in the digital age.

    Author
    David Ogden
    Share Share
    Topics
    Power of Data 2025
    Next article