The HMRC employee who
lost two discs containing the details of 25 million child benefit
recipients deserves "an award", a former Cabinet Office
consultant claims.
Speaking at the
Socitm conference in
Newport, Harvey Mattinson, a consultant at
Communications-Electronics Security Group, said, "One mistake by
somebody has changed the face of the world completely. We should
give the person who made that mistake an award.
"Twelve months ago, nobody had really worried about security.
Various incidents made us step back and ask ourselves some
fundamental questions."
Mattinson was assistant director for assurance and standards
while he was on a six-year loan to the Cabinet Office.
He said, "People at the top, including ministers, don't
understand how to protect information. If we don't have leadership,
we dont have a starting point." He added that the UK is "not doing
very well at the moment" on keeping data secure.
It is impossible to eliminate risk and make information 100%
safe, Mattinson said, and the best an organisation should hope for
is making it 80% safe. Companies should get
advice from experts, put the right procedures in place, spread
data across different places instead of keeping it in one place,
and work to get the right culture for keeping data safe.