The Public Sector Data and Information Security Survey has revealed that more than half of all data security breaches in the UK are the result of human error.
The loss of data as a result of internal access can be partly explained by multiple data ownership. 80 per cent of those who took part in the survey said they were ‘data owners’ and were responsible for allowing or denying access to the data; however, almost one-fifth (19 per cent) admitted that they do not know how many other data owners there are within the same organisation. One commented that even though data owners are responsible for determining the level of access, they often delegate this responsibility to the IT department.
600 people took part in the survey, of which 68 per cent were part of the public sector industries of healthcare, education or local government; 28 per cent were at C-Suite or director level; and 20 per cent had either ‘IT’ or ‘information’ in their job title.
The aim of the survey was to give public sector employees the chance to compare the way they work with other organisations and to identify issues that are causing concern as the new EU regulations come into force.
The survey revealed that around two-thirds (65 per cent) of those who took part are concerned about data security within their organisation. The main concerns are the loss of data and staff error; however, there are also concerns about issues with compliance and the failure of IT systems.
Just over one-third (35 per cent) of the participants thought that external hacking was going to be a problem, with other issues causing concern including cloud computing security, hardware theft and lack of training for staff.