Public Sector vs Private Sector. Who does security better?

Mods against Rockers, Tom and Jerry, Batman versus The Joker….

My partner in blogging and I have one more to add to that list. Duncan is standing up for the public sector, I’m on the side of the private sector.

Public Sector versus Private Sector Information Security. Which is better?

The debate begins here and I’m going to kick it off by stating as a sure fact that the private sector is the superior when it comes to protecting data and implementing decent information security.

The public sector is too steeped in bureaucracy to be flexible, and staffed by too many incumbents encumbered by their historical, organisational and cultural biases which hamper new ways of working in case it upsets their hard-won status-quo. This means that emerging risks and trends are more likely to be ignored until something bad happens. As it did, numerous times within numerous public sector departments ranging from HMRC to the Royal Navy.

Conversely, in the private sector, initiative is encouraged and flexibility to adapt is essential. New risks are quickly assessed and managed. To remain competitive, we get fast access to the latest technologies. Security is bread and butter stuff. If we get it wrong there’s the potential to go out of business.

Duncan, over to you. You can argue the opposite but frankly, no-one is going to take your side…