Findings from a McAfee study, which surveyed 815 government employees, indicates civil servants have concerns about the security posture of priority initiatives being driven by the Cabinet Office:
- Less than third of respondents agree or strongly agree that adequate consideration is given to cyber-security within the government reform agenda
- 28% of central government respondents believe SMEs are vulnerable to cyber attacks due to their involvement in the supply chain for the delivery of government projects. This figure rises to 35% amongst those working in roles which require a high level of knowledge or some knowledge of cyber-security issues
- Only 14% of respondents feel G-Cloud gives adequate consideration to cyber-security
- A mere 13% of civil servants stated cyber-security occupies a prominent enough position in the Universal Credit Programme.
The public sector faces a multitude of security challenges. The study found that the areas of most concern are data protection and security (36%), direct hacking attempts like DDoS attacks or SQL injections (17%) and attacks from foreign governments and criminal or terrorist organizations (14%).
Considering the negative ramifications of these types of breaches – hefty fines from the ICO, damaging news headlines, interruption of public services offered online and the safety of Britons – it comes as little surprise that these were ranked as the top three.
While civil servants do acknowledge the risk posed by cyber attacks, just over half of respondents feel an important solution to the problems caused by the lack of digital skills is to run more dedicated training courses and high-potential development programmes for specialists in this field, while 41% call for stronger specialist teams within departments.
Anecdotal responses gathered during the survey also hint that experience outside of the public sector may bring much needed cyber security expertise to government departments, with respondents saying the skills of those who have private sector experience are not fully utilized.