Local Government IT Security Is A Bloody Mess, Research Finds

Digital government, GDS

Are budget cuts to blame? Majority of local government organisations say their security is not robust enough to deal with increasing threats

Just 41 percent of UK Government organisations believe their current IT security practices offer suitable protection against the growing threat of cybercrime.

This is just one of the worrying findings from a study conducted by Dods Research on behalf of cyber security firm Sophos, which highlights the poor state of IT security in the UK’s public sector.

Lack of awareness

Almost 50 percent of survey respondents said they had no idea if their security practices are good enough, indicating a low level of awareness of cyber security and cybercrime across the general local government workforce.

Vodafone Met Police Tablet 1The research, which surveyed, 2,728 local government and police workers across a wide range of disciplines, highlighted that over the past year the majority (90 percent) of local government and police organisations have been affected by budget cuts.

This has prompted job losses (67 percent) and cuts in overall front line services (63 percent) in many areas of the organisation. When it came to IT, 62 percent said they are planning to make savings by increasing or implementing shared services – splitting the costs with other neighbouring organisations. However, just 30 percent of those surveyed said their organisations are exploring the consolidation of existing IT services to make savings, and only nine per cent are looking at consolidating their IT security services.

The research also canvassed public sector opinion about what the biggest drivers for change have been from an IT security point of view, with 59 percent highlighting the demand for more remote and mobile working practices. Furthermore, 46 percent cited increased awareness of data security thanks to high profile security breaches and upcoming EU legislation. When asked directly what their main concerns were from an IT security point of view, the research found that, issues around data loss (47 percent) were at the top of the agenda followed by remote access (31 percent) and targeted attacks (25 percent).

However, despite the move towards more remote and mobile working policies, public sector organisations still remain skeptical about turning to flexible cloud storage solutions with only 16 percent using these tools. This was a remarkable find considering that other serious issues, such as shadow IT (11 percent) and BYOD (18 percent) factored extremely low on the scale of concerns, indicating that it may not be something at the forefront of local government security minds. In contrast however, 63 percent of local government workers who responded agreed that encryption was becoming more of a necessity within their organisation.

Regional vice president of Sophos UK & Ireland, James Vyvyan, said: “With cybercrime at an all-time high and public sector budgets reducing year-on-year, it’s more important than ever that organisations maximise the resources available to them. There is a clear trend towards local authorities partnering with neighbouring authorities to increase and implement shared services.

“This collaborative approach is certainly helpful in the fight against cybercrime. Our research indicates that local authorities and police may also be missing the opportunity to consolidate their IT and security technologies, which can deliver further savings, helping to protect jobs and frontline services.”

Are you clued up on government IT? Take our quiz to find out!