Civil service cybersecurity 'clusters' pilot projects planned this month
Departments will pool resources to tackle security threats identified by National Audit Office
The Cabinet Office is planning to pool resources and expertise in 'clusters' across Whitehall in a bid to improve the cybersecurity of central government - with pilot projects expected to start later this month.
The move follows a National Audit Office (NAO) report published in September that suggested that there was an average of 200 national security incidents that required the attention of GCHQ every month in 2015 - double the average of the previous year.
In its report, Protecting Information Across Government, the NAO recommended rationalising the number of organisations in central government that are involved in cybersecurity and centralising security in cross-departmental clusters.
"Too many bodies with overlapping responsibilities operate in the centre of government, confusing departments about where to go for advice. As at April 2016, at least 12 separate teams or organisations in the centre of government had a role in protecting information, many of whom produce guidance," claimed the NAO report.
It continued: "While the new National Cyber Security Centre (NCSC) will bring together much of government's cyber expertise, in the NAO's view, wider reforms will be necessary to further enhance the protection of information."
The NAO argued that this structure is inefficient and, given the high and growing number of data breaches in Whitehall, needed an overhaul. It recommended centralising expertise and know-how.
The pilot cluster is being instigated by the Cabinet Office and will address financing, as well as roles, responsibilities and standards, and the security services it will provide when it launches. The pilot will involve as many as six central government departments.
The establishment of the security cluster will include input from various government security agencies, including the NCSC and the Centre for the Protection of National Infrastructure.
The NAO report painted an image of security in central government that would appear to be deteriorating fast: in addition to the doubling of national security incidents, it noted that the 17 largest departments of government had reported 8,995 data breaches in 2014-15.
Because of the fragmented nature of the government's security response, overall spending on cybersecurity is hard to pin down. The NAO claims that the official figure of £300m is probably underestimated several times over.
Government also has the unenviable reputation of being the worst sector for dealing with security vulnerabilities in IT developments. The government has also sought to deal with the skills shortage in cybersecurity in its Cyber Security Strategy.