This page contains a Flash digital edition of a book.
IT AND DATA


The Digital Government Security Forum


John Thornton, secretary to the Digital Government Security Forum (DGSF), discusses cyber crime and the public sector.


We


live in a society that is increasingly dependent on immediate access


to digital information. Can you imagine a situation where you cannot get the information you need to do your job; you can’t pay by credit card, draw cash or even check a train time table? This happened in Estonia, one of the world’s most digitally advanced nations, when it experienced a series of cyber-attacks.


These assaults on its digital infrastructure shut down local internet service providers and prevented people from buying food, getting petrol, and completing bank transactions for several days.


An attack earlier this year in South Korea, another very digitally advanced nation, paralysed national broadcasters and major banks. Coordinated cyber-attacks on


been termed the ‘internet of things’ – where the internet connects our traffi c management systems, the buildings we work in, bank cash machines, and much more.


The implications for the UK in general and the public services in particular are substantial. The UK has one the world’s largest internet- based economies, valued at £121bn in 2010. This is equivalent to 8% of the UK’s GDP, a greater share than any other G20 country.


Information is the lifeblood of modern organisations and modern economies, and


these electronic


networks on which we all increasing rely for important and daily transactions transcend organisations, governments and national borders.


three banks


stopped cash machines from dispensing cash, crashed computer networks and effectively wiped clean 32,000 computers. Mobile and internet banking was frozen, and not surprisingly, customers panicked. At the same time, journalists logging on to the three main broadcasters’ systems found only an image of a human skull with a mischievous grin and bullet wound, together with the message: “We have deleted your data. We will be back soon.”


These attacks were not direct attempts to bring down these governments. The aim was to generate huge amounts of publicity and to demonstrate vulnerability. The purpose of these and similar attacks was to undermine confi dence and trust in the core systems that support communications and commerce.


Trust is a precious commodity. It sits at the heart of effective government and commerce, and is even more important in today’s world of virtual transactions and rapid electronic communications.


The internet, cyber space, has developed from a communication network to what has


44 | public sector executive Sep/Oct 13


The Government itself provides more


than 650


transactional services, which cost between £6bn and £9bn


to operate, and annually there are


about 1.5 billion individual transactions with central government departments and other public service organisations.


As the UK moves to ‘digital-by-default’ to improve convenience for citizens and reduce costs, we must recognise our increased vulnerability to cyber-attacks, and do everything we can to ensure that citizens, businesses and government retain high levels of trust and confi dence in our digital systems.


We know that as trust and confi dence increase, more people are willing to use online systems, they spend less time calling and checking and costs reduce. We also know that if trust and confi dence are undermined, the impact on organisations in terms support and sorting out problems can be disproportionately high.


A secure internet is therefore vital for the UK’s economic prosperity and to support government plans to make all public services digital.


These concerns have led to the creation of the Digital Government Security Forum (DGSF). In its fi rst report, ‘Operating Securely in the Digital World’, the Forum provides guidance to help managers and leaders in public sector organisations understand the risks and the language of information security. This is an important starting point as these risks are often shrouded in a technical language that can incorrectly make information security seem less relevant to everyday management and delivery of public services. The report also explains the key stages of an attack and probes deeper into how a recent high profi le attack was conducted.


The report concludes that whilst the UK has made huge progress in improving information handling and information security, there remain signifi cant areas of concern. These include the need to raise awareness and understanding of cyber security at board and senior management levels, problems with legacy systems and the very real danger that concerns over information security could delay moves to digital-by-default and prevent public sector organisations from reaping the full cost savings and service benefi ts envisaged.


The report also provides the outlines of two tools developed to help boards, senior managers and information teams that would like to review their information


security


strategies and governance arrangements, including a development framework.


Ultimately, as the report concludes, the success or otherwise of information security arrangements must be judged not simply by how effective they are at preventing breaches of security but by also the contributions that they make to achieving corporate goals and effi ciencies. This is what it means to operate securely in the digital world.


John Thornton


FOR MORE INFORMATION www.DigitalGovernmentSecurityForum.org


© Paul Faith and PA Wire


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60  |  Page 61  |  Page 62  |  Page 63  |  Page 64  |  Page 65  |  Page 66  |  Page 67  |  Page 68  |  Page 69  |  Page 70  |  Page 71  |  Page 72  |  Page 73  |  Page 74  |  Page 75  |  Page 76  |  Page 77  |  Page 78  |  Page 79  |  Page 80  |  Page 81  |  Page 82  |  Page 83  |  Page 84