Protecting information while re-designing public services and introducing the technology necessary to support them is an increasingly complex challenge.
The Cabinet Office has not yet established a clear role for itself in coordinating and leading departments' efforts to protect their information, according to a report by the National Audit Office (NAO).
National Audit Office report
The NAO report found that the Cabinet Office ambition to undertake such a role is weakened by the limited information which departments collect on their security costs, performance and risks. It also notes, however, that the UK Government has a strong international reputation in some areas of information security and digital government.
Protecting the information departments hold from unauthorised access or loss is a critical responsibility for departmental accounting officers. Departments are, however, increasingly required to balance this responsibility with the need to make this information available to other public bodies, delivery partners, service users and citizens via new digital services.
And increasing dependencies between central government and the wider public sector mean that the traditional security boundaries have become blurred.
According to the NAO, too many bodies with overlapping responsibilities operate in the centre of government, confusing departments about where to go for advice. As at April 2016, at least 12 separate teams or organisations in the centre of government had a role in protecting information, many of whom produce guidance.
While the new National Cyber Security Centre (NCSC) will bring together much of government’s cyber expertise, in the NAO's view, wider reforms will be necessary to further enhance the protection of information.