Gov't adviser: More data breaches on the way

A Whitehall information-security expert has said that more government data breaches are inevitable, although they will diminish in number

One year on from HM Revenue & Customs' loss of 25 million people's personal data, a chief information-security expert at Whitehall has warned there will be more high-profile government data breaches to come.

Brian Collins, chief scientific adviser to the Department for Transport and the Department for Business, Enterprise and Regulatory Reform told ZDNet UK sister site how the government is protecting personal data.

"This is being done in a prioritised way. We are going to have to cope with a diminishing number of data breaches but there will still be data breaches," he said.

Speaking at a privacy conference, A Fine Balance, on Thursday, Collins revealed that government departments are seven months into an ongoing process of cataloguing all of the information they held for a "register of information assets".

Cataloguing the "trillions" of pieces of information handled by central government will be a "huge problem" for some departments, according to Collins.

He said it is particularly difficult for public-facing departments dealing with health- and pension-type information.

Deciding which data should be protected first is as difficult as the challenge of "putting a value on a human life" faced by road-safety officers, Collins said.

Speaking at the conference he added: "The register of information assets is a really big task if you have never done a proper information register before."

In the wake of the HM Revenue & Customs debacle, Collins said that government departments had discovered and closed security holes that were "on the edge of being quite dangerous".

Over the last year, around 30 million records have been lost by public and private firms, and the government recently supported giving the information commissioner powers to fine organisations for recklessly losing data and carry out unannounced checks on public bodies.

The government is initially concentrating on overhauling information security in those departments that handle the largest amounts of personal and financial information.