85% of users believe that their local authority has probably
already suffered an IT security breach.
IT security and control firm, Sophos, has revealed that 85
percent of users of online government services believe that their
local authority's IT systems have probably already suffered a
security breach at the hands of cybercriminals. The survey, which
polled 241 members of the public, also revealed that in such
circumstances, 86 percent of users would hold the local authority
itself responsible, rather than the hackers.
With HM Revenue and Customs (HMRC) yesterday admitting
to losing sensitive information including addresses, date of birth,
national insurance numbers and even bank details of about 25
million child benefit recipients in the UK, Sophos experts note
that it is no surprise that user confidence in the security of
Government services is low.
However, while 62 percent of the public believe that the private
and public sectors are as bad each other when it comes to defending
this personal data, almost a third of users believe the public
sector does a worse job, compared to just 7 percent who stated that
the private sector is at greater fault.
Sophos warns that while these figures may not be reflective of
actual hacking incidents, central and local government
organizations clearly need to brush up their image and ensure their
security solutions are up to date in order to boost public
confidence. The survey also revealed that 57 percent of the public
do not believe that local authorities are doing enough to protect
information stored on their network, with 93 percent stating that
they do not know, but would like to know, what steps these
organisations are taking to defend themselves against hackers.
Survey snapshot
Do you think the public sector is better or
worse than the private sector for protecting personal
data?
|
| Public sector is
worse |
|
|
| Private sector is
worse |
|
|
| They're both as bad as
each other |
|
|
| They both do a great
job |
|
|
If your personal data was compromised by a
security breach to a local authority website, who would you hold
responsible?
|
| The hacker |
|
|
| The local
authority |
|
|
| The government |
|
|
| No-one, these things
happen |
|
|
Sophos survey hosted on SurveyMonkey.com, 241
respondents, October 2007.
"One of the major challenges facing the public sector is that an
increasing number of its services are going online for the public
to use - great idea, but only if you have a proven security
strategy in place that your users believe in. Granting open access
without one could dent public confidence as well as put the network
at risk," said Carole
Theriault, senior security consultant at Sophos. "What's more,
it's not just storing these details online which leaves them
vulnerable to theft. Yesterday's revelation about the security
breach at HMRC is a clear indication that the Government must do
more to protect this information whether it's online on a CD, or
wherever - after all, it is the general public's data at risk."
Sophos recommends that all organisations protect themselves with
a consolidated solution which can control network access
and defend against the threats of spam, hackers, spyware and
viruses.
Disclaimer: Please bear in mind that this poll is not
scientific and is provided for information purposes only. Sophos
makes no guarantees about the accuracy of the results other than
that they reflect the choices of the users who participated.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.