How COVID-19 could create a more digitally secure public sector
COVID-19 has drastically impacted how workplaces and employees operate over the past year and this is no different for the public sector. Whether it’s remote working or reduced office space, many civil servants and government employees have experienced huge changes in how they function in order to remain operational and stay safe.
However, this new normal has come with new challenges, particularly in regards to cyber security. This was revealed in a recent survey of Public Sector Organisations by Zivver, which found that 43 per cent of IT leaders in local government believed their organisation was ‘less secure as a result of COVID-19’, while 11 per cent of local government respondents were aware of 11-15 data leaks taking place in the past year.
These figures seem to indicate that changes in working conditions have had an impact on digital security. This could be for multiple reasons, such as public sector workers being more reliant on email and file sharing services to transfer information both internally and externally. Sharing data this way comes with risks, whether that’s files being shared with the wrong recipients by mistake or attaching and sending the wrong file.
With remote working looking like it will become more commonplace going forward, public sector teams need to ensure that strong protections are in place to secure the information they hold and that employees have a full understanding of how to work safely outside of the office environment.
Creating a security first culture
To do this, IT leaders in the public sector need to create an environment where cyber secure working is at the forefront of employees minds. Many employees have a set way of working which they have been using for years and have become accustomed to, all of which has been upheaved because of the pandemic. This means that they may be slow to pick up new processes, such as secure remote working practices, and stick to what they’re comfortable with, leading to mistakes being made and vital information falling into the wrong hands.
IT departments need to shift employee mindsets, ensure they are constantly aware of when they’re not working safely and act quickly to address this. Tools such as error prevention technology can play a key role in this process as they pick up straight away when an employee is handling and sharing sensitive data insecurely. If staff are repeatedly being informed when they are not working safely, secure ways of working will soon become more ingrained into their working day, ensuring public data is handled in the safest way possible.
Learn from your breaches
A data breach is never a good thing; however, this doesn’t mean that they should always be seen as negative occurrences. Rather than looking at outbound communications breaches or leaks as a damning indictment of their organisation, IT departments should see them as learning opportunities. When a data leak happens, this provides an opportunity to identify why it occurred and what needs to be done to improve outbound communications security and working practices. Technology again can support this process. Secure communications software allows IT teams to identify how and why a breach happened, which they can then look to address to ensure it doesn’t happen again.
Set your goals
While software obviously has an important role to play in preventing outbound data breaches, not every platform will provide public sector organisations with what they need. It’s important that before implementing a solution, digital leaders within the organisation have a clear understanding of what they want to achieve from putting the software in place.
This means identifying what they need the solution to do before any decision is made, whether that’s preventing data leaks, reducing costs, digital transformation or supporting remote working. Through having a clear understanding of what the department needs, this will ensure public sector bodies have the best solution available for both employees and the wider organisation.
COVID-19 has without a doubt altered how the public sector works and operates, and this has brought up challenges that need to be overcome. However, this shouldn’t be seen as bad but rather as an opportunity to improve working practices to ensure departments and staff can easily safeguard citizen’s data and comply with regulatory requirements. Through changing working cultures, learning from mistakes and understanding what they need to achieve, public sector bodies can create a safer, more secure environment through the pandemic and beyond.
Dan Patefield
Dan Patefield
Dan leads the techUK Cyber Security programme, having originally joined techUK in August 2017 as a Programme Manager working across the Cyber and Defence programmes. He is responsible for managing techUK's work across the cyber security eco-system, bringing industry together with key stakeholders across the public and private sectors. Dan also provides the industry secretariat for the Cyber Growth Partnership, the industry and Governmnet conduit for supporting growth across the sector. A key focus of his work is to strengthen the public-private partnership across cyber security to support further development of UK cyber security policy.
Before joining techUK he worked as Forum Lead for the Westminster eForum. In this role he had a focus on the technology and telecoms space, on issues ranging from Broadband and Mobile Infrastructure, the Internet of Things, Cyber Security, Data and diversity in tech. Dan has a BA in History from the University of Liverpool.
- Email:
- [email protected]
- Phone:
- 020 7331 2165
Jill Broom
Jill Broom
Jill is techUK’s Programme Manager for Cyber Security, working across the cyber eco-system to bring industry together with key stakeholders across the public and private sectors.
Prior to focusing in on techUK's cyber security work, Jill was also part of techUK's Central Government programme team, representing the supplier community of technology products and services to Whitehall departments.
Before joining techUK, Jill worked as a Senior Caseworker for an MP, advocating for local communities, businesses and individuals, so she is particularly committed to techUK’s vision of harnessing the power of technology to improve people’s lives. Jill is also an experienced editorial professional and has delivered copyediting and writing services for public-body and SME clients as well as publishers.
- Email:
- [email protected]
- Twitter:
- @honeybroom
- Website:
- www.techuk.org
- LinkedIn:
- https://www.linkedin.com/in/jill-broom-19aa824
Annie Collings
Annie Collings
Annie joined techUK as the Programme Manager for Cyber Security and Central Government in September 2023.
Prior to joining techUK, Annie worked as an Account Manager at PLMR Healthcomms, a specialist healthcare agency providing public affairs support to a wide range of medical technology clients. Annie also spent time as an Intern in an MPs constituency office and as an Intern at the Association of Independent Professionals and the Self-Employed.
Annie graduated from Nottingham Trent University, where she was an active member of the lacrosse society.
- Email:
- [email protected]
- Twitter:
- anniecollings24
- LinkedIn:
- https://www.linkedin.com/in/annie-collings-270150158/