Councils spend more on 'mindfulness' than on IT security

Research has revealed they are spending nine times more on health and safety than IT security

IT security

Research by Citrix has revealed councils are spending nine times as much money on health and safety training than IT security training, which could have detrimental consequences.

An average of 27,818 is spent by the average local authority on health and safety, yet the budget only stands at 3,378 for IT security training.

While the total council spend on 'mindfulness' training was 140,888.81 in 2016, it stood at just 56,441.13 for IT security and 48,269.97 on data protection.

The amount spent on educating staff around health and safety issues has almost doubled in the last 12 months and includes topics such as meditation, working at heights and managing difficult situations, yet protecting IT systems against cyber criminals has fallen behind.

However, the information did point out that councils are making smart devices such as smartphones and tablets a key part of their IT strategy, with an average of 714 smart devices in use per local authority.

"A broad scope of training is vital in today's work environment," Jon Cook, director of sales at Citrix UK & Ireland, said. "We commend local authorities for arming their employees with these additional skills, as well as seeking to improve their work/life balance through issuing smart devices and committing to a well-rounded programme of training courses."

A total 86% of local authorities failed to spend anything at all on IT security training, data provided by Citrix's Freedom of Information (FoI) request revealed, and 40% of the smart devices in use by personnel aren't protected by enterprise mobility management software.

"Sadly investing in IT security usually falls quite low in the spending list for most local authorities," Mark James, security specialist at ESET, said.

"The consequences for failures in IT sec are significantly lower than other areas with no clear guidelines on what constitutes a failure. If you back that up with unsuccessful or fairly insignificant fines then in most cases it's easier to do something about it after it happens than before."

The report revealed that 24% of local authorities do make use of free e-learning' or on the job' data protection and IT security training to help educate staff, but Citrix said more effort must be made to protect the organisation.

"With the responsibility for managing citizen data, coupled with the risk of penalties of up-to 500,000 for data-breaches, it is crucial that employees know how to keep information secure from external threats," Cook said.

"With the stakes so high, councils must ensure that staff understand the importance of data protection in the growing threat landscape."

Featured Resources

Digital document processes in 2020: A spotlight on Western Europe

The shift from best practice to business necessity

Download now

Four security considerations for cloud migration

The good, the bad, and the ugly of cloud computing

Download now

VR leads the way in manufacturing

How VR is digitally transforming our world

Download now

Deeper than digital

Top-performing modern enterprises show why more perfect software is fundamental to success

Download now

Recommended

Microsoft spearheads industry-wide charter against AI cyber attacks
Security

Microsoft spearheads industry-wide charter against AI cyber attacks

23 Oct 2020
Weekly threat roundup: Chrome, Citrix and WordPress
Security

Weekly threat roundup: Chrome, Citrix and WordPress

23 Oct 2020
IT services giant Sopra Steria falls victim to Ryuk ransomware
Security

IT services giant Sopra Steria falls victim to Ryuk ransomware

23 Oct 2020
CMS platforms succumb to KashmirBlack botnet as businesses rush online
Security

CMS platforms succumb to KashmirBlack botnet as businesses rush online

22 Oct 2020

Most Popular

The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

5 Oct 2020
The enemy of security is complexity
Sponsored

The enemy of security is complexity

9 Oct 2020
What is a 502 bad gateway and how do you fix it?
web hosting

What is a 502 bad gateway and how do you fix it?

5 Oct 2020