The Digital Government Security Forum (DGSF) has announced the launch of its latest report on the future of information security in government and public services.
The report’s focus is on some key areas of information technology that are especially pertinent to government and its broader public services, as they have increasing reliance on digital information technology.
In particular, it stresses the requirements of proactive measures to combat increasingly sophisticated and highly focuses cyber attacks on government and healthcare data pools. The report acknowledges that the government and the NHS will experience an explosion of data due to their participation in the new digital revolution and this will require ever-evolving levels of information security. The report highlights six key areas:
- Combating Sophisticated Attackers – information security must evolve to keep pace with threats and challenges
- Speed of Response – organisations must have efficient processes for verification, containment and mitigation
- Responding to the increasing complexity – IT must develop a better strategic overview of all areas of the modern IT Estate concentrating on containing threats rather than focusing on platforms
- Addressing Skills and People Issues – realising that people are central to a successful cyber security policy
- Reacting to the Internet of Things – Security teams need to identify and audit the myriad of devices that will connect to their networks
- Building functional capability – developing appropriate culture, people and leadership engaging the organisation and exploiting available technologies
The report indicates that today’s reactive response to cyber security is no longer sufficient. It states that the current state of cyber security has developed as in an arms race, with hackers and criminals developing new techniques and security teams having to counter them with new defence mechanisms. However, IT has become far more complex with much larger networks, new cloud technologies, platforms and user owned devices, resulting in a more complex and challenging security environment.
John Thornton of the DGSF said: "We need to be thinking now about the security and data sharing implications of the ways that we will work in the future. This includes not just near term issues like cloud computing and social media, but also longer term developments such as automated systems for enquiry handling and even driverless vehicles."