Enforcing Cybersecurity Law in the UK

UK Cybersecurity Statistics

One of the main roles of government in any country is to protect its citizens from a variety of potential threats. With most countries of the world now participating in online activities, governments have been tasked with policing and the creation of legislation in an attempt to secure this new dimension. In some cases, enforcement is necessary, and this very enforcement has provided the United Kingdom with some impressive statistics in their Q3 (current) report on cybersecurity.

As a result of quarterly statistics provided by the government sponsored Information Commissioner's Office, citizens of the United Kingdom can access reports on action taken by their government as it relates to breaches of cybersecurity. For instance, the report notes that there was one fine administered in Q3 related to a data breach by an unnamed historical society. In this case, a laptop containing data of people who had donated artefacts to the society was stolen while an employee utilised it to complete work away from the office. The laptop was not encrypted and the organisation did not have policies in place as it pertains to working from home or data storage on mobile devices. These events, including a lack of imposed policies, resulted in a breach of the data protection law of the UK and resulted in the subsequent fine of £500.

Though the government of the United Kingdom has a colossal role to play in monitoring and enforcing the actions of their citizens online, they could not do it alone. Reporting done by the computing public also plays a key role in a safe online community for all. In Q3, incidents reported by citizens decreased by 3.5%. This statistic presents a slight area of concern, however, as some types of data security incidents, such as a failure to redact data, increased by 12%.

The health, education and general business sectors of the UK economy have reported the highest number of incidents in Q3. Even with an 8% decrease in the third quarter, the health industry finds itself in the top three once again. With so much sensitive data stored on the hard drives of the above noted institutions, it should come as no surprise that they occupy the top positions for most targeted in cyber UK.

Overall, Q3 was a step in the right direction for cybersecurity compliance in the UK, as there was an 18% decrease in incidents of this nature. Ensuring the security of mobile devices in the workplace is highly recommended by the government of the United Kingdom, in this report. With 37% of cyber incidents involving the misconfiguration of cybersecurity equipment, the continued education of related software and devices could promote and reflect a further decrease in Q4 reporting.