Government cybersecurity under scrutiny as staff lose hundreds of mobile devices
Staff at government departments lost more than 500 mobile and laptop devices in the first four months of the year, sparking concerns hackers could gain access to a “goldmine” of data.
Employees at nine departments, including the Ministry of Defence and the Foreign & Commonwealth Office (FCO), lost 508 phones, laptops and tablets between January and April 2019.
Read more: Huawei does not make ethical judgements, says cybersecurity boss
The figures, obtained under the Freedom of Information Act, revealed that only 10 per cent of lost devices were ever recovered.
The worst offender was the FCO, which lost 156 devices, while staff at the Department for Education lost 130 devices. Overall, the cost of replacing lost phones and laptops over the period was more than £185,000.
The findings highlight the importance of cybersecurity in the public sector, with the loss and theft of government devices potentially putting sensitive data at risk.
“As the amount of business data that flows across devices, apps, networks, and cloud services continues to increase, it is essential that organisations have the right security protocols in place to minimise risk and prevent unauthorised access to sensitive data if a device is lost or stolen,” said David Critchley, regional director of Mobileiron UK, which obtained the figures.
“Even one lost or stolen device provides a goldmine of readily accessible and highly critical data to potential fraudsters and hackers.”
It comes amid warnings that the government has not done enough to protect the UK from the growing risk of cyber attacks.
Last month the Public Accounts Committee said the Cabinet Office had failed to develop a business case for its cybersecurity strategy, and urged the government to clarify the aims of its £1.9bn five-year plan.
Luis Corrons, security evangelist at cybersecurity firm Avast, told City A.M. the loss of important government equipment was an ongoing problem, but said cybersecurity measures have increased “significantly” in recent years.
“The UK digital government strategy shows that cybersecurity is being taken very seriously by the government and the proof of this will be in whether we see any sensitive information surfacing in the future on the dark web,” he said.
Read more: Government to introduce new cybersecurity laws for internet-connected devices
A government spokesperson said: “Our ICT equipment, including mobile phones feature a number of security measures including either password enabled, encrypted or both to ensure information does not fall into the wrong hands.”
“In addition, a strict incident reporting system is in place to ensure once informed, further restrictions can be applied remotely and the device is wiped clean to prevent unauthorised access.”
Main image credit: Getty