UK Ministry of Defense has the worst rated IT security in Whitehall, with 11 “red-rated” systems

Whitehall
(Image credit: Shutterstock)

New data revealed in Parliament shows that 34 UK government departments have IT security that is “red-rated” - the worst score possible on the scoring system used to determine the security of IT systems and devices.

11 of these red-rated scores were attributed to Ministry of Defense (MoD) systems which means these systems are highly exposed to cyber attacks and breaches, as well as being inefficient and unsuitable for use.

In other government departments, the Department for Work and Pensions had six red-rated systems, the Ministry of Justice had five, and the Home Office and Cabinet office had four apiece.

“We don't even get the basics right”

This data was revealed in Parliament in response to questions raised by MP Matt Rodda, the Labour Party’s artificial intelligence minister who responded stating, “The scale of this problem is completely unacceptable. The Ministry of Defence, the department primarily responsible for Britain's security, should not have such serious failings in its systems. We don't even get the basics right.”

He continued by saying that it is in the public interest to know if such failures amount to a national security risk, “as its own criteria would suggest.” 

The Joint Committee on National Security Strategy released a report last month that found the Home Office had consistently given low priority to ransomware threats, with a further report showing that the current regulatory framework concerning cybercrime, known as the Computer Misuse Act, was introduced before the internet and remains outdated due to a lack of reform.

The report further criticizes the Home Office’s response to ransomware as a national security risk, stating that former Home Secretary Suella Braverman prioritized issues such as illegal migration and small boats, and “showed no interest” in the threat posed by ransomware.

Speaking to TechRadar Pro, ESET’s Global Cybersecurity Advisor Jake Moore, said, “This is extremely worrying especially when government systems are constantly targeted by numerous threat actors. Fixing legacy problems has always been a thorn in the side of the government but when national security is at risk, these issues need to be addressed immediately. 

“Costs are often seen as the reason behind a slower uptake on such fixes but now it is seen as a serious risk, it should hopefully be recognised as essential investments in national security and a critical step towards safeguarding the country’s digital infrastructure.”

The Defense Ministry has said that £4 billion is being invested into its Defense Digital Reform Programme, with a government spokesperson further stating, “We take the issues of resilience and security of our IT networks extremely seriously and we have always ensured that government IT systems keep pace with technological change.”

Via TheTelegraph

More from TechRadar

Benedict Collins
Staff Writer (Security)

Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division),  then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.