Operational Technology: A critical blind spot in local authority cyber resilience

While production has now returned to normal levels, the company has recently posted a £485m loss for the three months to the end of September – in addition to a further £196m in ‘cyber related costs’ necessitated by the attack.

For JLR, the disruption has been more than an operational inconvenience. It’s been a stark demonstration of how deeply digital systems are embedded in the physical fabric of modern industry. When those systems go dark, so does production and the impact ripples quickly across supply chains. Smaller suppliers, already operating on tight margins, have faced mounting financial strain as assembly lines fell silent. In recognition of the scale of the challenge, the UK Government has stepped in with a £1.5 billion loan guarantee to support JLR and protect the thousands of jobs and businesses that depend on its network.

Cyber Threats Hitting Local Authorities Across the UK

What happened to JLR may have played out on a national stage, but the same story is unfolding in our towns and cities – where the consequences of a cyberattack can hit just as hard, if not harder, for the communities that rely on public services every day. Earlier this year, a major cyber-attack on Glasgow City Council also brought essential services to a standstill. From pension payments to school systems and parking portals, residents were locked out – a jarring reminder that local government IT isn’t just backend infrastructure anymore; it’s a vital public lifeline.

And Glasgow is far from alone. Across England’s Metropolitan District Councils, reported cyber breaches have exploded by nearly 400% in just three years, with over 5,000 incidents recorded across 24 councils.

The threat is relentless. Hammersmith and Fulham Council reports fending off around 20,000 attempted cyberattacks every single day. The message is clear: local authorities are under siege and the digital front line is now as critical as any other public service. In response to this persistent threat, and in light of the devastating losses to businesses due to cyberattacks, the UK Government has introduced the Cyber Security Resilience Bill, which was first read in Parliament on 12 November. If passed, this legislation will strengthen the UK’s cyber defences and ensure critical infrastructure and the digital services companies rely on are secure.

IT/OT Convergence: A Growing Risk for Local Authorities

While attention often centres on traditional IT systems when cyber-attacks hit, there is another category of technology that plays an equally vital role: Operational Technology (OT). These are the systems that control and monitor the physical environment – traffic management, street lighting, CCTV networks, public address systems and environmental sensors, to name a few. Increasingly, these assets are being connected to IT networks as councils pursue smarter, more integrated ways of working.

This integration, often referred to as IT/OT Convergence, offers clear benefits. It can reduce cost, simplify maintenance, and improve service delivery. But it also introduces new risks. Many OT systems were never designed to operate on shared or internet-facing networks. They often run on legacy software, lack proper access controls and are maintained separately from core IT infrastructure. When these systems are connected without adequate security, they create new points of vulnerability that can be exploited – either intentionally or inadvertently.

The Glasgow Cyber Incident: A Case Study in Operational Disruption

In Glasgow’s case, the attack was linked to servers operated by a third-party supplier, and while the local authority is confident there is no evidence of data having been stolen or encrypted, the consequences rippled through the council’s digital and operational infrastructure. Shortly after the incident, residents began receiving fraudulent messages demanding payment for fake parking fines – prompting quick action from Glasgow City Council to isolate those servers to protect the authority’s wider network. For a city of this scale, the disruption wasn’t just technical. It affected the confidence of citizens, interrupted routine services, and required considerable time and effort to contain.

This incident isn’t unique, and it highlights the growing need for local authorities to take a more holistic view of cyber resilience – one that includes OT as a core component. As organisations increasingly rely on connected devices and automated systems to manage city infrastructure, the potential impact of a cyber-attack becomes more tangible and immediate. It’s not just about data loss; it’s about service availability, public safety, and trust.

How North Supports Local Authorities with OT Cyber Resilience

At North, we work with local authorities to address these challenges in a pragmatic, structured way. We help organisations understand their current OT environment – what assets are connected, where vulnerabilities exist, and how best to reduce risk. This begins with a detailed assessment, supported by practical guidance on improving visibility, segmenting networks, and implementing controls that reflect the specific nature of OT systems.

We also recognise that this isn’t just a technical issue but an operational one. Cyber resilience requires collaboration between IT and operational teams, and leadership that understands how technology underpins public service. By aligning policy, process, and protection across both IT and OT, local authorities can build a more effective security posture.

The Future of Public Sector Cybersecurity

The reality is that cyber threats are evolving, and the pace of digital transformation isn’t slowing down. Incidents like the one in Glasgow serve as a wake-up call, not just because of the disruption caused, but because of how deeply these systems are embedded in the fabric of everyday life. Local authorities have a responsibility to ensure that their infrastructure – both visible and behind the scenes – is resilient, responsive, and secure.

Operational Technology may not always attract headlines, but it plays a fundamental role in how councils serve their communities. Protecting it should be seen not as an add-on, but as a necessary part of delivering safe, reliable, and trusted public services in the digital age.

Contact us to discuss your IT/OT challenges and how North can support.

Mitchell Johnson, Information Security Consultant at North