The Effective Information Sharing & Security (EISS) programme is one of iNetwork’s strongest and most established networks. Over the last year, we have successfully supported the data security and information governance communities to be stronger information leaders, to improve cyber security and resilience, and support improved necessary and proportionate information sharing for effective partnership working and person-centred care. As part of this, we have: run cyber simulation events, convened discussions about the opportunity and threats of AI, offered training on understanding, mitigating and investigating Insider attacks and delivered the NW WARP service. Central to the strong delivery for this programme is the collaboration work we have done as part of the Northern WARP.
This programme year, we are continuing to deliver more of the same strong and focused services for the EISS community. We have worked with the EISS Network Leadership Group (NLG) to agree the programme priorities for 2024-25. Comprised of colleagues from various sectors across the iNetwork membership, the leadership group is essentially the programme board, providing thought leadership to determine the key topics for the following year. These priorities evolve in response to emerging trends and challenges within the local public sector, and are formally agreed upon in NLG meetings prior to the commencement of each fiscal year.
The 2024-25 Priorities for the EISS Programme:
Looking forward into 2024-25, the EISS NLG have agreed to keep the three main priorities for the programme the same:
– Information Leadership
– Cyber Security & Resilience
– Information Governance
However, nothing stays exactly static, and the sub-priorities have been updated to reflect the importance of recovery and business continuity after a cyber attack, the growing emergence of AI from security and governance perspectives, and supporting the application of new laws, guidance and best practice (such as the Data Protection and Digital Information Bill, and the Cyber Assessment Framework).
The priorities for 2024-2025 are listed below:
EISS Priorities 2024-2025 |
1. Information Leadership – iNetwork will upskill Senior Information Risk Owners, Information Asset Owners, Data Protection Officers and other information leadership. We will facilitate national level engagement to influence information access policy/ programmes. |
1.1 Effective engagement of senior leadership from different sectors and sub-regions. |
1.2 National level engagement with government departments, national stakeholder groups to influence information access policy and programmes. |
1.3 Up-skilling information leadership in iNetwork member organisations i.e. Information Governance Leads, Information Security Leads, SIROs, IAOs, etc [this is not a definitive list] |
1.4 Up-skilling information leadership in iNetwork member organisations i.e. Information Governance Leads, Information Security Leads, SIROs, IAOs, etc [this is not a definitive list] |
2. Improving Cyber Security & Resilience – To improve cyber security and resilience amongst iNetwork member organisations. |
2.1 Engaging iNetwork membership in the North West Warning, Advice and Reporting Point (North West WARP) and targeting health organisations and District councils, which are under-represented. |
2.2 North West WARP will engage with relevant national bodies, government departments and act as a conduit for information to membership. |
2.3 North West WARP will collaborate with other regional WARPs to encourage collaboration and partnership. |
2.4 North West WARP will build links with Local Resilience Forums to understand how the role of Business Continuity, Disaster Recovery Teams can support the organisation during and after a major cyber incident. |
3. Improved Necessary and Proportionate Information Sharing to Support Effective Partnership Working and Person Centred Care: To improve necessary and proportionate information sharing to support effective partnership working and person-centred care. |
3.1 Dissemination and discussion of data protection reform, cyber security, government policy at NLG meetings, events and via newsletters, etc. |
3.2 Engaging senior leadership and seeking support for the following information roles: SIRO, CIO, Caldicott Guardian and understanding how these roles align with statutory roles such as Data Protection Officer. |
3.3 Understanding the national picture – relevant guidance, consultations and policy |
The Plan for This Year:
We already have lots of plans in place to deliver against the three EISS programme priorities. Core to this is the continuing collaboration as part of the Northern WARP. Take a look at some of the events we already have lined up for Q1 and Q2:
– NW WARP Q1 Meeting (24 May 2024, Manchester)
– St Helen’s Cyber Attack: the impact & Lessons Learned (24 May, Manchester)
– Introduction to AI for Local Public Sector Senior Managers (7 June 2024, Virtual)
– Northern WARP 4th Annual Conference (5 July 2024, Manchester)
– Insider Attack Simulation WARGame (16 July 2024, Virtual)
How to Get Involved:
We are currently seeking to grow the Network Leadership Group for the Effective Information Sharing & Security Programme. If you would like to be one of our thought leaders and would like to help shape the direction of the programme, please contact Shelley Heckman.