Designing your connected place to be resilient
Updated 10 July 2023
© Crown copyright 2023
This publication is licensed under the terms of the Open Government Licence v3.0 except where otherwise stated. To view this licence, visit nationalarchives.gov.uk/doc/open-government-licence/version/3 or write to the Information Policy Team, The National Archives, Kew, London TW9 4DU, or email: psi@nationalarchives.gov.uk.
Where we have identified any third party copyright information you will need to obtain permission from the copyright holders concerned.
This publication is available at https://www.gov.uk/government/publications/secure-connected-places-smart-cities-guidance-collection/designing-your-connected-place-to-be-resilient
The following guidance sets out how you can design your connected place to be resilient against cyber attacks or other security events such as component failures, or administrative errors or information disruption, misuse or loss.
This guidance is relevant to:
- Connected places project leaders/managers
- Cyber security leads
- IT professionals
- Information managers, processors and users
Owner: National Cyber Security Centre
About this guidance: This guidance aims to help connected places project leaders/managers, IT professionals and cyber security leads make decisions about cyber security risk. It outlines the fundamentals of risk management, and describes techniques you can use to manage cyber security risks.
Owner: National Cyber Security Centre
About this guidance: These principles are intended to help IT professionals and cyber security leads ensure that the systems which underpin your connected place are designed and built securely from the outset.
Owner: National Cyber Security Centre
About this guidance: This guidance aims to help connected places project leaders/managers, IT professionals and cyber security leads understand and mitigate Denial of Service (DoS) attacks against your organisation.
Mitigating Malware and Ransomware Attacks
Owner: National Cyber Security Centre
About this guidance: This guidance outlines the actions connected places project leaders/managers, IT professionals and cyber security leads can take to help your organisation prevent malware or ransomware infections and steps to take if you’re already infected.
Personnel Security Maturity Model
Owner: Centre for the Protection of National Infrastructure
About this guidance: This guidance provides an overview of CPNI’s personnel security maturity model which has been designed to assess an organisation’s personnel security maturity. You can use this to assess organisations in your supply chain.
Managing the Risk of Cloud-Enabled Products
Owner: National Cyber Security Centre
About this guidance: This guidance provides connected places project leaders/managers, IT professionals and cyber security leads with an understanding of the risks of locally installed products interacting with cloud services, and provides suggestions to help you manage this risk for your organisation.
Secure Development and Deployment Guidance
Owner: National Cyber Security Centre
About this guidance: This guidance provides 8 principles to help IT professionals and cyber security leads improve and evaluate your software and systems development practices, and those of your suppliers.