Latest Data Security Research – Public Sector

With insights from employees, IT decision makers, and data security leaders in local and central government, our latest research investigates the digital transformation challenges facing public sector organisations today.

Sponsored by Oscar Krane

Communication is at the heart of all public sector organisations. A culmination of the global pandemic and digital transformation means that methods used to engage with stakeholders are increasing: social media, email, websites and online forms, portals, file transfer sites, traditional print and post - the list goes on.

So many channels of communication result in a lack of cohesion between departments and frustration for residents. For IT professionals, vectors for data security become broader and harder to maintain.

“Our employees are engaging with a variety of agencies and stakeholders everyday, such as housing agencies, tenants, benefits agencies, NHS organizations, and other councils. Even when emailing other government bodies, we need to secure sensitive data. We recently received a query from the electoral roll. They send huge quantities of sensitive information relating to residents to their poll clerks, for example, and this data needs to be encrypted (...) When we email residents via their personal email address regarding council tax or benefits, we need to protect sensitive data, then, too. The recipient experience is also important to us.”
- South Kesteven District Council

User-experience for employees and service users is vital for all public sector organisations, be it the police dealing with cases of domestic violence, or local authority employees concerned with Looked After Children. When engaging directly with citizens, administrations must take into account all levels of digital ability. Requiring residents to create accounts and navigate clunky portals to engage with their council reflects poorly on the organisation.

Understanding the needs of users is the first step in establishing what solutions will work best for teams: who do employees engage with and what are the specific needs of recipients? What types of information do they handle? 

Often the service users most dependent on local government are those most impacted by the digital divide. Like the majority of developed countries, the UK has a growing elderly population. Today, digital exclusion is a social care issue; digital transformation sees vulnerable communities left behind and now it is up to local authorities to rectify this issue. 

Accessibility is an in-house problem

Last year, the Central Digital and Data Office (CDDO) introduced a cross-government digital and data strategy named Transforming for a Digital Future which seeks to address long-standing digital transformation challenges.

The CDDO acknowledges that, compared to the private sector and other countries around the world, the UK government lags behind in the way it utilises technology and data to drive efficiencies and improve service delivery.

In fact, according to the National Audit Office (NAO), increasing recruitment challenges left the CDDO concerned that digital teams would not have the skills and expertise to implement the missions outlined in its roadmap. 

According to a report published by the NAO, only 4% of civil servants are digital professionals - a striking comparison to other sectors, in which between 8-12% are digital professionals. The reason for this is two fold: cost and availability. Public sector pay levels simply do not attract the talent needed to address the scale of transformation required, and recruitment is fragmented across the UK, meaning finding professionals with the relevant skills is inconsistent and ineffective.

This presents some serious challenges for IT leaders looking to empower employees to work efficiently and securely.

While compulsory training, cyber attack simulations, and security policies go some way in preventing security leaks, they can also create a fear culture and hinder productivity. In fact, in a study of over 6000 employees, just 67% had received some kind of data security training in the last two years. Of these, only 36% stated they have applied their learnings in their core role.


That is not to say that training does not have a place in the public sector. Educating employees in digital security best practice is very important. However, people require more than compulsory training to harness and develop digital skills that have a truly positive impact in their day to day work. 

It stands to reason that, wherever possible, the best course of action is to simplify digital initiatives. Ultimately, employees must be empowered by technology to deliver quality services for residents, without putting data at risk.

What next? 
Chapter 3 | The problem of interoperability

When tech doesn't integrate, secure digital engagement is impossible. Read our latest research.

Get insight from industry experts

Meet our expert contributors
Setting the data protection standard
Glen Hymers, BA (Hons), DipCSMP, Cert HE, CIPP/E, CIS LI, GDPR P, M_o_R, Head of Data Privacy & Compliance and Information Assurance, Cabinet Office

"It is crucial that the public sector takes a proactive approach to data protection and privacy. This means implementing strong technical and organisational measures, (...) the technology we use is fit for purpose and configured correctly, and that we train staff on data protection and privacy best practices."

Modern data management in the public sector
Robert Montgomery, Audit & Governance Lead Manager, Telford & Wrekin Council

"There are common mistakes being made in organisations where the method of digital commerce is shaping service provision and the actual IT solution is seen as the ‘end’ and not a ‘means to an end’. Firstly, the purpose/service requirement should decide the IT solution and not the other way around."

Download the research

Read the latest insights, trends and expert views on digital transformation and data protection in the public sector.

Zivver Knowledge Hub

Learn more about Zivver