Skip to content

Lack of training is a major reason behind council data breaches - report


04:00 Friday, 03 September 2021

UK Cyber Security Council

Cyber assessment and response company Redscan has released a paper claiming that a big reason for data protection breaches among UK councils in 2020 was a lack – and in some cases a complete absence – of relevant training.

In its bluntly-named report “Disjointed and under resourced: cyber security across UK councils”, based on outputs from Freedom of Information requests, Redscan estimated that around 700 breaches were reported to the Information Commissioner’s Office in 2020, with one council reporting as many as 29. It went on to note that just over 50% of council staff received cyber training in 2020, but that almost a third admitted that 25% or less had received cyber training and that 45% of organisations had no staff with formal cyber qualifications.

Additionally, the average spend on security training per employee across all councils is estimated by Redscan is £1.58, with 40% of councils spending nothing at all in the field.