The U.K. government does not have adequate mechanisms in place to
secure data transfer, according to a report prepared on behalf of the
Government departmental security is in silos, and there are
currently no adequate mechanisms in place to share data, according to
the report, the Independent Review of Government Information Assurance.
In some parts of government and the wider public sector, there is a
lack of comprehensive understanding of information security risks,
according to the review, which examined best practice and security
issues that need addressing.
There also need to be specific standards for identity registration,
management and use, and security needs to be measured and audited to a
defined standard, said the report.
The findings echo statements by a key government advisor who claimed that civil servants lack security awareness.
“What keeps me awake at night is that, with some notable exceptions,
across government, there's too little awareness of the scale and
breadth of the risk facing us at the moment,” Lieutenant General Sir
Edmund Burton, a key advisor to the Cabinet Office on information
assurance, said in February.
Just a few weeks before that, security experts expressed their concerns over the U.K. government's data-sharing plans.