HMRC misses deadline to create team of cyber investigators

Creation of team aiming to counter the increased threat on HMRC's systems is running late

The government's tax collector, HM Revenue & Customs (HMRC), is now almost two months late on its commitment to create a team of cyber investigators.

In the department's Structural Reform Plan Monthly Implementation Update for December 2011, it stated that the deadline for the team's creation was the end of November 2011.

According to the document, work is ongoing and will be completed next month.

"Recruitment activity is ongoing and will be completed during February. Key posts have been filled and the supporting infrastructure is in place," it said.

Once active, the team will aim to protect HMRC from cyber attacks. The document describes the objective as:

"[To] create teams of cyber crime investigators and launch cyber crime initiatives to counter increased threat of attacks on HMRC systems and customers using [the] internet."

An HMRC spokesperson said it is important to get the recruitment right in order to protect its systems:

"We've got to have exactly the right people in place to tackle cyber crime. It's important to get the recruitment process right and that takes time.

"The department's systems have never been hacked but we are constantly on our guard."

The plans for the team were originally laid out in the government's Cyber Crime Strategy in March 2010, which explained the need to create specialist cyber teams in several departments.

"We believe that the creation of specialist units is the right approach, as it allows for the development of expertise in highly complex areas," it stated at the time.

"This approach allows a flexibility of response, and an ability to understand the key drivers and criminal behaviours as well as the characteristics of victims who may be vulnerable to the crimes."

In October last year, the government released a document outlining concerns at its inability to retain internet specialists amongst its workforce.

The document was drawn up in response to the Intelligence and Security Committee's annual report, which stated that the Government Communications Headquarters (GCHQ) in particular are unable to retain cyber experts.

The government stated that it shares this concern, and said that it will support departments in training their staff on cyber issues.

"Policies for the recruitment and retention of specialist staff are the responsibility of individual departments; however, under the National Cyber Security Programme, the government will support individual departments and agencies in developing cyber security training and skills programmes for their staff," it said.