Plans to introduce mandatory security improvements across government have become mired in contractual disputes with IT suppliers that do not want to carry the cost. Full story on ComputerWeekly.com homepage.
Government, understandably, wants improvements to IT security after the loss of two CDs at HM Revenue and Customs.
But IT suppliers, understandably, say it’ll cost extra.
Several of the outsourcing suppliers have the government over a barrel: their contracts cannot, in practice, be terminated over a dispute related to extra costs of IT security; and third party companies cannot easily bolt on extra security to another supplier’s systems.
Ross Cattell, head of enterprise risk at Deloitte, saidsuppliers felt unfairly criticised by the government. “Suppliersare saying, ‘Gold standard is not what you asked for when yououtsourced. If you want that, you have to pay more.’
“It is difficult for government departments which are trying toraise the information assurance standards,” he said.
Sureyya Cansoy, associate director of suppliers’ body Intellect,said suppliers are doing all they can to assist the government.
“It should be done in such a way that it doesn’t burdensuppliers unnecessarily and that any changes to contracts are doneunder the commercial arrangements already agreed,” she said.
“Butwe’ve not really tackled it yet.”
Government data security hobbled by cost dispute – ComputerWeekly.com