Rafe Uddin and Stephanie Stacey’s article, “Hack casts a shadow over public sector”, (Report, November 22) does a great job highlighting some of the glaring issues facing the UK’s cyber security infrastructure, particularly when it comes to legacy software vulnerabilities.
The characterisation of government departments and public bodies provided by Jamie MacColl, a research fellow at the Royal United Services set up think-tank, as “low-hanging fruit”, however, emphasises that despite investment, public sector organisations and the data they possess are, in too many cases, perceived sitting ducks. Sadly, they aren’t alone.
In the UK and beyond, public sector cyber resilience has been in the headlines in recent months, whether it be schools, hospitals, police forces and beyond. The bottom line is that similar attacks are likely to continue unless governments prioritise security frameworks that incorporate technology, people and processes.
Whether that means effective investment into particularly vulnerable entry points, appropriately addressing the vast amounts of legacy infrastructure across public sector IT estates or implementing strategies to thwart common attack vectors such as phishing or supply chain attacks, much work must be done.
Gerasim Hovhannisyan
Chief Executive & Co-Founder, EasyDMARC, Zoetermeer,
The Netherlands
