Source: National Cyber Security News
Three in four local authorities do not provide mandatory cyber security training to their staff, Big Brother Watch has revealed, despite human error being a significant factor in most data breaches.
The privacy campaigners behind the research said they were concerned by their findings given the rapid accumulation of personal data by councils across the country.
The report revealed that more than a quarter of councils (114) have had their computer systems breached in the past five years and that 25 had experienced a breach that resulted in a loss of data.
More than half of those hit by a breach did not report it, the report found. However, the Freedom of Information results used to gather the data did not reveal how many of those breaches affected personal information.
Organisation are not legally required to report data breaches, but the Information Commissioner’s Office urges them to do so anyway. When GDPR comes into force in late May, firms could face significant fines if they fail to.
Jennifer Krueckeberg, lead researcher at Big Brother Watch, said she was shocked to discover that the majority of councils’ data breaches go unreported and that staff often lack basic training in cyber security.