A specific budget for cyber security within Clare County Council has been suggested by an Ennis elected representative.
In March of this year, the local authority’s exchange server fell foul to an attempted hacking. This resulted in the suspension of all email activity for Council staff for a four day period on the advice of cyber security specialists. No data breach or malicious activity beyond an initial probing was detected.
An independent review of the Council’s ICT systems was sought by Cllr Johnny Flynn (FG) “in order to establish its systems ability to withstand cyber-attack in order to protect sensitive information it holds”. His motion was seconded by Cllr Joe Garrihy (FG).
Director of Finance and Support Services, Noeleen Fitzgerald in response to this proposal outlined that a multi-layered approach to cyber security has been implemented to “strengthen the council’s systems ability to withstand cyber-attack and protect any sensitive information and systems”. This includes strong access, password controls, end user awareness training, managed firewall services, latest virus protection technology, multifactor factor authentication, encryption, email and web filtering, patch management, network activity monitoring and backups.
Staff from different directorates have been added to an information and cyber security committee. “We also have in the past and will continue to engage independent Information and Cyber security experts to periodically review and test existing controls, provide recommendations where improvement can be made or recommend new technologies that can be utilised to improve existing controls and protection against cyber security attacks,” Fitzgerald stated.
She added, “Clare County Council will continue to focus on protecting against cybersecurity attacks allocating the required resources where required”.
Independent specialists should be consulted for an audit of the systems in place, Cllr Flynn believed. He described the reply from the Council as “very encouraging”. An allocation to cyber security should also be included in the next Budget, the Ennis representative maintained. “The amount of ransom and malware attacks have intensified,” he added, “it is an important area of work to protect the data we hold and the infrastructure we are responsible to the public to maintain and run”.
