Participate in the LGAQ Cyber Maturity Assessment Program
We all know that cybersecurity is one of the most pressing risks facing councils in Queensland, with implications for liability, cover and financial sustainability.
Local governments should be under no illusion that they are front and centre in the minds of cyber criminals and activists. This is because councils are perceived to have deep pockets, hold layers of data that lends itself to use in an extortion context (including personal information), increasingly control utilities or public infrastructure via the internet of things (such as water, sewer and waste networks, traffic control devices, CCTV and lighting to name a few) and can be viewed as a “soft target”.
We are certainly seeing this in the incident and response claims space at LGMS.
The implications are obvious but concerning – the price of cover is going up and will likely continue to increase (including premiums). The level of cover is often contracting (either through higher deductibles being imposed or restrictions on cover), and insurers and reinsurers are becoming increasingly selective about the underlying risk of the entities that they are prepared to expose their capital to the risk of a loss by extending cover in the first place.
Councils that take steps to understand their level of risk, and take steps to prioritise and deliver further actions and initiatives to reduce that level as of risk in a planned and considered way that aligns with industry practice such as the ACSC Essential 8 will be best placed to minimise the risk of an adverse claim outcome and continue to successfully engage with cover providers.
The flip side is that councils that do not understand their level of risk and/or are unable to demonstrate what they are doing in response to that risk will face an increasingly handicapped task in being able to carry appropriate and sufficient cyber liability cover.
For these reasons, it is absolutely critical that every LGMS member takes appropriate steps to understand their cyber risk management maturity and takes strong action to address gaps in their security controls and protocols.
To support councils in this process LGAQ is currently offering a Cyber Maturity Assessment and customised recommendation report to every council at no cost. Participation is virtual and facilitated, and uses an efficient, effective and supportive process with minimal impact on council officer time. The outcomes include practical and customised recommendations to support participants to actively manage risk and improve cyber maturity.
For LGM Liability members, it is anticipated that the information and outcomes from this process will form an integral part of arranging supporting covers for cyber liability. Every council member, no matter how small or large, will benefit from making the most of this opportunity by participating.
Members are strongly encouraged to contact LGAQ's Chief Digital Officer Tracy Whitelaw to find out more and arrange participation in the assessment as soon as possible.