Survey Reveals 2013 Compliance & Security Priorities for UK ICT Public Sector Professionals
February 2013 by
In a survey conducted amongst ICT professionals within the UK public sector, it’s been revealed that information security priorities for 2013 will primarily focus on regulatory compliance obligations. Regulatory standards for the UK Public Sector Network Code of Communication (PSN/CoCo) and Payment Card Industry Data Security Standard (PCI DSS) were presented as the main compliance budget priorities, while citizen data and credit card breach were highlighted as the most important data protection issues that needed to be addressed in 2013.
The research was jointly undertaken by data discovery and auditing specialist PixAlert and their UK partner iCompli Limited, for a regional event of SOCITM, the association representing ICT and related professionals in the UK public and third sectors. In their address to SOCITM delegates, the following findings were presented:
● Respondents indicated they will be most likely to assign budget to the following regulatory compliance requirements: PSN/CoCo: 57%; PCI DSS: 29% and Data Protection: 14%
● According to respondents, the type of sensitive/critical data which carries greatest organisational risk included: Confidential Customer/Citizen Data 55%; PII (DOB, Names, Address etc) 18%; Credit Card Data 9%; Sensitive Financial Information 9% and Intellectual Property 9%
● Respondents noted that Data Protection Breach 60% and Financial & Credit Card Breach 40% were the most important areas that they needed to address in 2013
● Those who responded to the survey represented UK public sector organisations from: Council Representative/Strategic Partner 64%; Government Agency 18%; Private Sector 9%; Other 9%
● 80% of respondents anticipate their Information Security budget will remain the same in 2013
Delivering their joint findings to SOCITM members, PixAlert and iCompli highlighted some of the key information security issues within the public sector and confirmed with the group that increased regulatory and compliance demands (e.g. PSN/CoCo, PCI DSS, the new EU Data Protection Directive) and greater enforcement by the ICO were important driving factors. ‘Increased compliance competencies coupled with higher demands on operating and cost efficiencies pose real challenges to public sector organisations’, commented Duncan Smith, Chief Executive of iCompli.
According to Gerard Curtin, CEO of PixAlert, ‘UK state and local authorities face an immense task when it comes to managing citizen data and need to adapt an efficient approach by ensuring that they protect data according to the sensitivity and value of the information they control. By demonstrating this, sensitive public data and the reputation of those responsible for managing it, can be protected; data breach fines averted and optimum performance and value achieved’.
By working closely with leading UK Public Sector organisations, PixAlert has developed intelligent data security solutions which help to ensure a common interpretation and application of data protection standards such as PSN/CoCo, PCI DSS and Data Protection Legislation. PixAlert’s recurring process of data discovery, classification, analysis and monitoring enables organisations to achieve compliance, enforce robust security measures and manage risk continuously. The solution helps public sector organisations to both deliver their compliance obligations and show value for money through enhanced efficiencies and optimisation of resource time associated with managing critical data.
The SOCITM event consisted of 50 delegates representing the North Eastern region of the UK association. Members were surveyed electronically in January 2013 by PixAlert in advance of the event. The survey generated a 25% response from participants.