Purpose

This report provides an overview of the
improvements in cyber security across the organisation and is
presented to this committee to provide a progress update requested
during the last meeting on 29 January 2024.

Cyber remains one the council’s most significant risks with
cyber-attacks across the public sector growing in frequency,
sophistication and impact. In July 2024 LCC fell victim to a
high-risk cyber-attack and this has led to even further
improvements to the security controls in place.

These newly introduced capabilities are helping to manage the
current level of cyber risk, outlined in the Corporate Risk and
Opportunity Register, and this has led to a reduction in the risk
rating from Red to Amber.

The council uses a Microsoft Secure Score to assess its security
posture. The score is currently 67% and improving every month,
compared to 48% for organisations of a similar size.
Recommendation
The Audit, Risk and Governance Committee is asked to consider and
comment on the progress to date.