
Navigating a Cyber Incident as a CEO

Effective leadership is tested in moments of uncertainty and high stakes. Jacqui Weatherill’s ability to guide the council through a cyber crisis offers valuable lessons for CEOs across industries. Her experience underscores the importance of preparedness, collaboration, and resilience in addressing the escalating risks of cyber threats.

Insights from a Leader

On 28 November 2024, Jacqui Weatherill, CEO of the City of Greater Dandenong and former CEO of the City of Stonnington, shared her strategies for navigating a cyber incident with a group of CEOs. Hosted by Digital Frontier Partners, the session emphasised the critical need for robust response mechanisms to counteract the increasing frequency of cyberattacks.

The Australian Signals Directorate (ASD) reported over 1,100 cyber security incidents in the 2022-23 financial year. Additionally, nearly 94,000 cyber incidents were reported to law enforcement through ReportCyber—equating to one every six minutes. These alarming statistics highlight the need for organisations to adopt comprehensive cyber security strategies.

Lessons from Stonnington’s Cyberattack

In August 2021, the Stonnington City Council faced a significant cyberattack by an international agent. As CEO, Jacqui led a calm and systematic response that became a model for crisis management. The attack disrupted operations, including payment systems and the ePlanning portal, incurring significant costs and downtime.

The council collaborated with Digital Frontier Partners and government agencies to recover over a three-month period. This experience revealed actionable insights CEOs can leverage to ensure resilience against cyber threats.


Top 5 Actions for CEOs to Navigate a Cyber Incident

  1. Develop a Comprehensive Response Plan

    • Collaborate with the board and senior management to create a robust plan.
    • Use scenario testing and simulations to refine decision-making processes.
  2. Establish a Comprehensive Cyber Security Strategy

    • Identify critical digital assets and assess third-party risks.
    • Maintain a dynamic, regularly updated security strategy.
  3. Build Strategic Partnerships for Rapid Response

    • Forge partnerships with organisations like Digital Frontier Partners for immediate technical support and system recovery.
    • Reduce recovery time and operational impact with expert assistance.
  4. Integrate Cyber Risk into Risk Management Frameworks

    • Embed cyber risk into existing organisational risk practices.
    • Conduct periodic assessments of controls and third-party validations.
  5. Foster a Culture of Cyber Resilience

    • Implement organisation-wide training and awareness programs.
    • Embed cyber security into KPIs to prioritise resilience across all levels.

Key Learnings from Stonnington Council’s Experience

  • Prolonged Recovery Period: A three-month recovery highlighted the need for endurance and strategic resource allocation.
  • Financial Implications: Insurance claims and unplanned expenses demonstrated the importance of financial readiness.
  • Communication is Critical: Transparent stakeholder communication minimised reputational damage and met disclosure obligations.
  • External Collaboration: Partnerships with agencies like the Australian Signals Directorate ensured swift and informed responses.
  • Strategic Partnerships: Expert support from Digital Frontier Partners was vital in addressing the technical and operational complexities of the incident.

Conclusion

Cybersecurity is a critical component of modern business leadership. CEOs must embrace proactive strategies, build strong partnerships, and foster a culture of resilience to navigate cyber incidents effectively. Jacqui Weatherill’s insights provide a powerful roadmap for organisations aiming to strengthen their preparedness and response capabilities.