City of Bradford Metropolitan District Council

Regional Cyber Resilience Project 

Briefly describe the initiative/ project/service; please include your aims and objectives

In the financial year 2021/22, each of the 38 Local Resilience Forum( LRF) in England have been allocated funding as part ofa government LRF Funding Pilot.

The objectives for the national pilot are:
–  To increase LRF capacity, enabling LRFs to recruit strategic resources to address national and local resilience priorities.
– To build new or enhance LRF capability to address national and local resilience priorities.

A key priority for all the LRFs in the Yorkshire & Humber Region (Humber LRF, North Yorkshire LRF, South Yorkshire LRF, and West Yorkshire LRF) is cyber preparedness. The four LRFs propose using a small proportion of the allocated national funding to work collaboratively on a regional LRF Cyber Resilience Project.

Outcomes
The required outcomes from the project are:
a) A completed Cyber Resilience Standard self-assessment for each of the four Yorkshire & Humber LRFs.
b) A review of Cyber-related risks within the National Security Risk Assessment.
c) A set of recommendations for each of the four Yorkshire & Humber LRFs to meet the Cyber Resilience Standards andaddress cyber risks within the National Security Risk Assessment
d) A definition of an LRF’s role within a cyber response incident, describing what an LRF response would add to individualpartner responses.
e) A Yorkshire & Humber Cyber Plan template that can be adapted/adopted by each of the four LRFs.
f) A format and delivery model for a regional Cyber Technical Advisory Cell (CYB_TAC)during a multiagency cyber incidentresponse that is led by a Strategic Coordinating Group (SCG) or Tactical Coordinating Group (TCG).
g) Exercising of the new cyber plans and arrangements within the year.

Delivery
The Yorkshire & Humber cyber Warning Advice & Reporting Point (WARP) is hosted by Bradford Council and includes membership from the majority of public sector LRF partners within Yorkshire & Humber. The WARP Coordinator (Yunus Mayat) has confirmed that the WARP is willing to host the regional LRF Cyber Resilience Project. Each LRF will contribute to this project (increased/decreased proportionally to their allocation from the LRF funding pilot), All project elements must be delivered and outcomes recorded by 31 March 2022. Operational project reporting will be via the Yorkshire & Humber LRF Secretariats’ fortnightly meeting, with onward reporting through each LRF’s governance structure in line with local arrangements.

What are the key achievements?

Project: During 2021-2022, the Local Resilience Forums (LRFs) in the Yorkshire & Humber Region (Humber LRF, North Yorkshire LRF, South Yorkshire LRF, and West Yorkshire LRF) used a proportion of the allocated LRF National Funding Pilot funds to work collaboratively on a regional LRF Cyber Resilience Project.

Outcomes: The desired outcomes from the project were:
a) A completed Cyber Resilience Standard self-assessment for each of the four Yorkshire & Humber LRFs.
b) A review of Cyber-related risks within the National Security Risk Assessment.
c) A set of recommendations for each of the four Yorkshire & Humber LRFs to meet the Cyber Resilience Standards andaddress cyber risks within the National Security Risk Assessment.
d) A definition of an LRF’s role within a cyber response incident, describing what an LRF response would add to individualpartner responses.
e) A Yorkshire & Humber Cyber Plan template that can be adapted/adopted by each of the four LRFs.
f) A format and delivery model for a regional Cyber Technical Advisory Cell during a multiagency cyber incident response thatis led by a Strategic Coordinating Group (SCG) or Tactical Coordinating Group (TCG).
g) Exercising of the new cyber plans and arrangements within the year.
Delivery: The project was delivered by the Yorkshire & Humber Cyber Warning Advice & Reporting Point (WARP), hosted by Bradford Council, with leadership from the WARP Coordinator, Yunus Mayat. Oversight of the project was through the Yorkshire & Humber LRF Secretariats fortnightly meeting.

Outputs: There were a number of physical documents outputs from the project, mapped against each of the project outcomes listed above.
Closedown: A final project review meeting was held on 02 August 2022 when all four LRFs confirmed completion of the project and delivery of all project outcomes. The only remaining element is to repeat delivery of the Cyber Exercise (piloted in Humber LRF on 28 June 2022) with the remaining three LRFs. Dates are being incorporated into the forward exercise programmes of these LRFs for delivery by 31March 2023

How innovative is your initiative?

The Yorkshire & Humber Regional Cyber Resilience Project pooled national funding allocated to LRFs to achieve, at scale ,improved cyber resilience within the four Yorkshire & Humber Local Resilience Forum (LRF) partnerships. The funding allocation to LRFs was a national pilot, and for the first time this allowed the Yorkshire & Humber LRFs to jointly commission the project. The project recognised the interdependencies between cross- boundary partners, and the benefits of a shared approach to allow better coordination of mutual aid during a cyber incident. As well as working on more “traditional” areas of cyber preparedness such as risk assessment and compliance with the National Resilience Standards, this project pushed further, allowing the LRFs to develop new LRF level shared cyber planning templates, new cyber plan templates for LRF partners, and, most importantly, a shared delivery model for a regional Cyber Technical Advisory Cell. We are pushing this beyond a “response” Cell, and it will become a standing Cell across the 4 LRFs to support ongoing cyber resilience and bring regional and national experts into Yorkshire & Humber.
By working with and through the Yorkshire & Humber Warning Advice & Reporting Point (WARP), we were also able to develop a multiagency simulated cyber exercise. Cyber exercises tend to be run internally within organisations – our project pushed this forward into the multiagency arena.

What are the key learning points?

The key learning points are:
– The importance of a multiagency cross-boundary approach to cyber resilience.
– The cyber interdependencies between statutory partners both within a County and regionally.
– The criticality of a shared regional understanding of cyber risk.
– The need for shared cyber response templates across a Region to support consistent assessment of cyber incident impacts and resulting mutual aid.
–  The need for multiagency cyber exercising within a simulated cyber environment.
–  “Making friends before you need them” by constituting a standing Cyber Technical Advisory Cell both in “peacetime” and during a wide-reaching cyber incident requiring multiagency coordination.
– The importance of investing in multiagency cyber resilience.

Our regional project resulted in:
–  A completed Cyber Resilience Standard self-assessment for each of the four Yorkshire & Humber LRFs.
– A review of Cyber-related risks within the National Security Risk Assessment.
– A set of recommendations for each of the four Yorkshire & Humber LRFs to meet the Cyber Resilience Standards and address cyber risks within the National Security Risk Assessment
–  A definition of an LRF’s role within a cyber response incident, describing what an LRF response will add to individual partner responses.
– A Yorkshire & Humber Cyber Plan template that has been adopted by each of the four LRFs.
– A format and delivery model for a regional Cyber Technical Advisory Cell during a multiagency cyber incident response that is led by a Strategic Coordinating Group (SCG) or Tactical Coordinating Group (TCG), and the constitution of this same Cell during “peacetime” to ensure our relationships are strong before a cyber incident.
– Exercising of the new cyber plans and arrangements within a virtual environment.
All these are highly replicable and scalable. Our regional project has produced the above range of products which could beeasily shared and adopted by other areas/regions, to shortcut their development towards enhanced regional cyber resilience.