WavebreakMediaMicro - Fotolia
Awareness of cyber security and cyber crime is low across UK local government employees, a survey has revealed.
The survey commissioned by security firm Sophos polled more than 2,700 people working in the police and local government showed that only 41% of respondents thought their current IT security practices would offer suitable protection against the growing threat of cyber crime.
Almost half said they did not know, indicating a low level of awareness of cyber security and cyber crime across the general local government workforce.
The research highlighted that over the past 12 months, 90% of local government and police organisations have been affected by budget cuts, which have prompted a 67% cut in jobs and a 63% cut in overall front line services.
When it came to IT, 62% of respondents said they are planning to make savings by increasing or implementing shared services to split the costs with other neighbouring organisations. However, only 30% said their organisations are exploring the consolidation of existing IT services to make savings, and only 9% are looking at consolidating their IT security services.
Asked about the biggest drivers for change from an IT security point of view, 59% of respondents said the demand for more remote and mobile working practices, while 46% cited increased awareness of data security thanks to high-profile security breaches and coming new European Union data protection legislation.
When asked directly what their main concerns were from an IT security point of view, 47% said that issues around data loss were at the top of the agenda, followed by remote access (31%) and targeted attacks (25%).
However, despite the move towards more remote and mobile working policies, public sector organisations remain sceptical about turning to flexible cloud storage systems, with only 16% using these tools. Unsurprisingly, only 11% of respondents were concerned about the security implications of shadow IT and only 18% were concerned about bring your own device (BYOD).
In contrast, however, 63% of local government workers polled agreed that encryption was becoming more of a necessity in their organisation.
“With cyber crime at an all-time high and public sector budgets reducing year on year, it’s more important than ever that organisations maximise the resources available to them,” said James Vyvyan, regional vice-president of Sophos UK & Ireland.
“There is a clear trend towards local authorities partnering with neighbouring authorities to increase and implement shared services. This collaborative approach is certainly helpful in the fight against cyber crime. Our research indicates that local authorities and police may also be missing the opportunity to consolidate their IT and security technologies, which can deliver further savings, helping to protect jobs and frontline services, ” he said.
Read more about security awareness
- The PCI security council has published a guide to help organisations better educate employees on information security
- Cyber security awareness is still in its infancy in most organisations despite the quick returns it can deliver, says the Sans Institute
- A continual security awareness training program is important for an enterprise’s culture
- Security awareness training can be effective, but how should enterprises select the right third-party program?