Since the autumn of 2007, information security has been an even more major issue for businesses and CIOs. When the chancellor Alistair Darling announced to the House of Commons that the file containing the records of almost all child benefit claimants in the UK had been lost, information security became headline news. But as organisations struggle in the new recessionary economic climate and public-sector CIOs discover that their funding levels are being slashed will the issue slide into the background. CIO UK discussed the continued importance of information security with Richard Thomas, the outgoing information commissioner and Mike Payne, CTO at the Ministry of Justice.
The personal details of 25 million British people were lost in 2007 when HM Revenue and Customs (HMRC) lost two CDs containing the records. It was described as a systematic failure and "woefully inadequate" by the Poynter report. For the last two years, HMRC's name could not be uttered without being instantly connected with the biggest loss of personal information in British history. Poynter discovered that the IT systems at the newly merged HMRC organisation were too complex and too fragmented. As a result, Poynter advised HMRC to upgrade its IT systems, which the organisation then committed to spending £155m on IT renewal projects.
HMRC was the first sighting of a major problem within the public sector and private companies. Like the periscope of an enemy submarine emerging first, as more and more details arose, the submarine surfaced, revealing itself to be the U-boat set to sink the information fleet. Prison staff details were lost, while banks and building societies also revealed failures in records keeping.
<
Registration is free, and gives you full access to our extensive white paper library, case studies & analysis, downloads & speciality areas, and more.
Richard Thomas steps down as the Information Commissioner in June after six years in the post. He has been by far and away the most effective and prolific campaigner for good information practices. His department is responsible for ensuring the Freedom of Information Act and Data Protection Acts are upheld. The Information Commissioner is an entirely independent role and is appointed by the Queen.
"The technology has demonstrably changed and that has been the major driver," Thomas says of the internet and his time as Commissioner. Since taking over the department, Thomas has been the public face and voice of information security, he told CIO UK at an event organised by Dtex, an information security specialist. The department he inherited was poorly funded and had just one PC and no internet connection. Today, C-level management, insurance companies and across the government have respect for the department Thomas has honed. Thomas himself says the big-ticket disasters have also driven up the interest and prioritisation of information security.
"It was seen as a nerdy role and we were seen as remote from reality," he says. We worked very hard to make it more relevant." Thomas says this was achieved through "language, pragmatism and common sense". "We put a lot of emphasis on communications and this has transformed our relationship with businesses."
Mike Payne, CTO at the Ministry of Justice, concurs: "The powerful thing is that it's [information security] gone from being very arcane to one that is now using a language that the business understands."
Be the first to comment on this article!