Parliament’s procurement team is seeking a partner to help it change the wicked ways of MPs and staff when it comes to cybersecurity — saying it’s looking for an expert in “behavioural and cultural change” to maintain Parliament’s cyber-capability.
The Parliamentary Procurement & Commercial Service says it plans to roll out a “cyber capability change programme” over the next 24 months, and is initially putting out feelers with a soft market-testing questionnaire (deadline: October 14, 2019).
It’s seeking workforce capacity support, as well as cultural change…
Ensuring “behavioural and cultural change to maintain Parliaments Cyber Capability
Creating a “target operating model review and validation for delivery of Cyber Capability”, and
Developing a “workforce management strategy for maintenance, development and retention of Cyber Capable personnel
The team hasn’t put a budget to the contract at this stage, saying the questionnaire will provide “a greater awareness of consultancy solutions that currently exist in the market place and to enable Parliament to see if their ambitions to deliver broader Cyber Capability & Cultural Change can be supported by an external provider.”
Like any enterprise workspace, Parliament is no-doubt struggling with the perennial issue of staff clicking phishing/whaling links; one of the most enduring behavioural challenges for businesses and a key vector for broader cybersecurity attacks.
It will find no shortage of businesses dedicated to user awareness of malicious urls, elegantly spoofed emails purporting to be from ministers, and other such campaigns.
“Instead, you should widen your defences to include more technical measures.”
As the NCSC notes, various resources exist to help users spot the common features of phishing messages, such as urgency or authority cues that pressure the user to act. CPNI’s Don’t Take the Bait! Campaign provides a range of materials to support this.
This article is from the CBROnline archive: some formatting and images may not be present.
Join Our Newsletter
Want more on technology leadership?
Sign up for Tech Monitor's weekly newsletter, Changelog, for the latest insight and analysis delivered straight to your inbox.