
SureCloud Strengthens West Suffolk Council’s Security Posture with Vulnerability Assessment Solution
The Challenge

Councils and public sector organisations have in recent years started to increasingly be the focus of more cyber attacks, with some very high-profile data breaches reported in the press. In the first half of last year, it was reported that local councils across the UK faced 263 million cyberattacks (Teiss), proving just how vulnerable councils can be to malicious hackers and the importance of maintaining robust cybersecurity defences. Local councils are deemed high risk given the amount of sensitive and Personal Identifiable data they hold on their citizens, which holds value to cyber-criminals looking to profile potential victims.
A successful attack on an organisation can be very disruptive, and for Suffolk County Council it could lead to potential loss of data, reputation damage as well as impacting the services offered to citizens. Research shows that the top three concerns for local councils when it comes to a potential cyber-attack are the loss of sensitive data (53%), financial repercussions (53%) and the expected impact on service delivery (41%) (iGov News). Successful attacks cost local councils £430,000 on average (Teiss), with one particular attack costing a council over £2 million, a financial burden ultimately passed onto taxpayers. Therefore, the Council’s approach to cybersecurity needs to be continuously reviewed to identify any vulnerabilities before they are exploited.
SureCloud has been providing a broad range of cybersecurity services to numerous local Governments, including annual IT Health Checks and vulnerability scanning solutions, over the last fourteen years. Suffolk County Council is one such customer and aware of the current threat landscape, decided to add SureCloud’s Vulnerability Assessment solution to their SureCloud environment, deployed to scan for, identify and report on vulnerabilities in both internal and external networks.
Having previously used an automated vulnerability scanning solution to cover their large infrastructure, the Council found that a major limitation was that without human intelligence, there were high rates of false positives or false negatives and typically there is no contextualised output. With SureCloud’s Vulnerability Assessment, consultants now manage the scans, which are run at an agreed frequency and continually monitored, and then when the scans are complete, SureCloud’s experts analyse, validate and prioritise the results.
The new solution provides Suffolk County Council with clear reports, both as a summary and a thorough technical report, as well as a simple dashboard and a list of each vulnerability with its associated metadata. The summary report gives the Council a clear snapshot of its current cybersecurity posture, and this can support a more effective remediation strategy.
The Solution

Speaking on the solution, Russell Armstrong, IT Security Manager at Suffolk County Council, said:
“SureCloud is a market-leading cybersecurity company and having worked with them for many years we have found they are always available to help when we need it. As SureCloud has plenty of experience working with local governments, we know we are in good hands and it made sense for us to migrate to SureCloud’s Vulnerability Assessment solution.”