Sepa continues to count cost of 2020 cyberattack, report says

Get the free Morning Headlines email for news from our reporters across the world Sign up to our free Morning Headlines email Sign up to our free Morning Headlines email SIGN UP I would like to be emailed about offers, events and updates from The Independent. Everyone in the public sector can, and should, learn from their experience Auditor General Stephen Boyle Auditor General Stephen Boyle said the incident “highlights how no organisation can fully defend itself against the threat of today’s sophisticated cyber-attacks” and it is “crucial that organisations are as well-prepared as possible”. The report said Sepa was able to continue delivering its key services, like flood warnings, within 24 hours of the attack but, more than 12 months on, it is still rebuilding its digital infrastructure. In the report’s conclusions, it said the organisation had “a number of areas of good practice” which included “Sepa’s quick response and business continuity arrangements that enabled it to continue delivering critical services, and its open and transparent communication with staff and wider public”. The report said Sepa “recognises that the cyber-attack has increased the medium to longer term financial pressures on the organisation” and that “key systems have been rebuilt, such as Sepa’s financial accounting system, with others being built from new and data recovered or recreated securely, and this will take time”.