A refreshingly progressive report was published in the UK recently, by Nesta, titled ‘Connected Councils: A Digital Vision of Local Government in 2025’. We say refreshing because this is not a doom and gloom report about how corporations are failing to tackle cyber security and how few have action plans or funding in place. In this case, the authors are taking an open minded look at what might be possible for the future and the benefits going digital could present to local government. It’s the ultimate in blue sky thinking for local government.

We’re not going to delve too deeply into the possibilities offered by making councils function in an increasingly digital-dependent way, obviously this presents many exciting opportunities. Great human resource savings could be made, services could be streamlined and more easily accessed, citizens could be more closely engaged in decision making and data could be gathered and analysed more effectively. There is no doubt that services such as those offered by local councils like social care, housing benefits, transport services, education, cleansing services and all manner of functions could benefit greatly from increased digitisation.

However, what also needs to be done amidst the rush to digitise services is to look rationally at how it can be done, whether it should be done and what the potential dangers and pitfalls are. To start with, let’s consider human resource. While a great deal of functionality could become digital, some council employees will still be required, be it to assist people who are unable to access the digital services themselves or to carry out the services themselves. We’re somewhat far from the stage when social care can be done using robots. This means that those employees will be increasingly required to access greater amounts of data and therefore present a risk to its security. A huge volume of data breaches are the result of human error and with more data present, the damage caused by such losses is potentially greater.

Another issue is that in streamlining these services by using something like a portal to provide access, the data itself it’s accessible from a central location. To employees, which is great, but also to any criminals who might be interested in stealing it. Imagine how effectively a criminal could commit identity fraud if they had every minute personal detail held by local services.

Evidently, solid security is going to be a vital proponent of any move to more digitised local government. No sector is immune to cybercrime and the type of data held by systems belonging to local government is exactly the type of data criminals would love to get their hands on. One major provision already being carried out in this way is the gov.uk portal, where the systems to apply for passports and driving licenses already have some level of integration. Yes it saves some hassle; they’ll use your passport photo for your new driving license to save you getting a new one taken. But at what risk? Imagine the full driving license and passport details of most UK citizens were leaked online somewhere.

Currently, councils work completely independently of each other, even those bordering each other are likely to have completely different processes and consequently completely different software and systems. While many might buy off the shelf solutions, some have also developed their own. With this current model, it’s also difficult to envisage how increasingly digitised services could be effectively integrated, monitored and safeguarded. For it to happen, there will have to be a huge shift in local government mindset and strong leadership from the government. Having councils work independently from each other on achieving these ambitious digital goals is bound to bring mixed results and some solutions seriously lacking in good security practice from the outset. Should these aims move forward, close monitoring and strict compliance regulations will be essential.

Currently, local councils are able to procure the digital products they need through the government’s G-cloud procurement system, where products such as Acunetix are offered. Here councils can find and compare solutions which meet their needs, such as vulnerability scanners and other cyber security tools.

In the future, such a service could be used to present the available solutions for digitisation and ideally give guidance on which are reliable in terms of good service delivery and importantly, security. This report offers a fascinating insight into the potential for digitised local service delivery in the future but a huge amount of work is now needed to assess how this can be done in the most effective way possible, to provide valuable local services and to do so without risking the loss of sensitive personal data.

SHARE THIS POST
THE AUTHOR
Acunetix

Acunetix developers and tech agents regularly contribute to the blog. All the Acunetix developers come with years of experience in the web security sphere.