“ … we have a suspected cyber-attack in progress and all ICT systems are now being shut down… likely to be unavailable for at least a week … a virus is believed to have been introduced via an email attachment …”
The words of Ann, the Head of ICT, are met with absolute silence and shocked faces – while she continues to give more details on the attack and what ICT are doing to respond to it, I can see similar thoughts going through my colleagues minds as they try and assess the impact of a total loss of ICT on their services.
- Was it me or one of my staff that opened that email?
- Where is my Business Continuity plan, do my teams know what they should be doing?
- Better start contacting our partners to let them know, check diary, sort out cancellations and rescheduling…
- … Oh, all my contacts and diary are on corporate systems that aren’t available.
Ann continues, “…systems will be out for days… phones not affected… but no email, financial systems, or access to service systems…” A colleague, his face now quite pale, immediately starts to text his front line staff – but should he be doing so, I wonder? With my plans and expectations for the rest of week rapidly changing and being replaced by uncertainty, dealing with anxious staff, councillors and customers, failed KPI’s and visions of some very long days ahead, I eventually hear the words…
“This is an exercise, I repeat, this is an exercise. However it could so easily have been for real, so what have we learnt?”
An intense and useful discussion then follows around those issues that gave us the worst sinking feeling – managing the media & members, key decisions about planned events such as a local election, council meetings etc., coordinating actions across services, defining lead roles and continuing with critical service delivery without ICT – we all realised that our dependency on ICT is so ingrained that at times it is almost impossible to consider how any organisation would survive a prolonged loss of ICT. Working together we then identified possible gaps in our response to a cyber incident and what we can do now to both help improve our resilience and increase our chances of managing our way through and emerging on the other side relatively unscathed. In particular, this made us focus on what service areas would need to take priority, and the importance of an effective approach to communications across the board made all the more difficult without key ICT systems to use.
So, after a horrible sinking feeling in the pit of my stomach, through the intense sense of relief that it was an exercise, to the realisation that such an incident has far-reaching impact and consequences. A lot of food for thought!
Nicole Rickard – Head of Communities: email@example.com
Ann Carey – Head of ICT: firstname.lastname@example.org