The government is looking to the private sector for advice as to how it should develop and implement data and cyber security during the current parliamentary term.
Security minister Baroness Pauline Neville-Jones spoke about the plans during the Homeland and Border Security 2010 conference which took place last week. She said that citizens needed to trust that their data would be protected, which will require significant public sector investment backed by private sector innovation.
Baroness Neville-Jones said that private sector organisations would be consulted on and be able to influence the movement of data security policy. She said that policy was developing, but that it might be considered to be immature in what has been an emerging market.
Advice from the National Security Council has apparently been key in persuading the government that the role of the private sector in cyber security policy must be significant in order to properly address the threats that exist.
Baroness Neville-Jones added that businesses looking to protect intellectual property and data had a right to expect assistance from the government. She hopes that the government will be able to provide better protection from attacks if it consults with private businesses and, in return, they will be able to contribute more to the national economy with less being spent on incidences of data loss and cyber attacks, resulting in a mutually beneficial partnership.
The Baroness went on to highlight the serious data security risks facing many businesses, saying that in many cases it was a lack of awareness and understanding that was putting UK firms at risk. She pointed out that recent research has shown how many businesses lack the necessary tools to detect when data theft has occurred, leaving them even more vulnerable.
To counteract these issues, the government is planning to provide better training and a range of awareness campaigns which it hopes will be influenced by experience from within the private sector itself.
She implied that the government would look into creating legislation that would allow it to enforce data security regulations, unifying the level of protection across all UK businesses and public sector bodies.