Latest Public Sector News

29.10.13

Data breaches ‘endemic’ – but blame management, not technology

IT security breaches in the public sector can virtually always be blamed on management failings, not the technology, according to Socitm.

The public sector IT managers’ body notes that “security breaches reported on the Information Commissioner’s Office (ICO) website include cases of incorrect disclosure, physical loss or theft of storage devices, misuse of old documents as templates, errors in handling fax and e-mail, sending documents to the wrong address, and even papers being stolen from a pub…There is not a single example of a technical failure among them.”

This support Socitm’s own research, it says. Martin Greenwood, programme manager for Socitm Insight, said: “Socitm has been arguing for some time that the balance of the ICT manager’s attention should be shifting somewhat away from technology and towards the management of information. Part of this is managing its security. Unfortunately justifying the cost and resources for this can be a challenge, because with a virtual asset like information, it is not always easy to see when things have gone wrong.”

Public service organisations have been “doing well” at tackling technical vulnerabalities but less well at changing beaviours, according to the briefing report, ‘Information governance: not up to scratch?’

The report praises Chelmsford Borough Council for its proactive and focused approach to security breaches, which Socitm said are unfortunately “endemic throughout the public sector”.

In the last three years, there has been a significant increase in the number of public sector authorities appointing a senior information risk officer (SIRO). But only just over half of respondents to Socitm’s IT Trends survey say they have an information governance function in place, and only in the area of disposal of information assets do more than half of them have a policy in place.

Socitm says: “Tough security requirements set out by the Cabinet Office as a condition of connection to the public services network has focused minds in most public sector organisations on ensuring that their technical infrastructure and policies are watertight. This may have led to the more obvious risks around physically handling information assets receiving less attention than they deserve.”

Tell us what you think – have your say below or email [email protected]

Comments

There are no comments. Why not be the first?

Add your comment

related

public sector executive tv

more videos >

last word

Prevention: Investing for the future

Prevention: Investing for the future

Rob Whiteman, CEO at the Chartered Institute of Public Finance (CIPFA), discusses the benefits of long-term preventative investment. Rising demand, reducing resource – this has been the r more > more last word articles >

public sector focus

View all News

comment

Peter Kyle MP: It’s time to say thank you this Public Service Day

21/06/2019Peter Kyle MP: It’s time to say thank you this Public Service Day

Taking time to say thank you is one of the hidden pillars of a society. Bei... more >
How community-led initiatives can help save the housing shortage

19/06/2019How community-led initiatives can help save the housing shortage

Tom Chance, director at the National Community Land Trust Network, argues t... more >

interviews

Artificial intelligence: the devil is in the data

17/12/2018Artificial intelligence: the devil is in the data

It’s no secret that the public sector and its service providers need ... more >