My impression is that the UK has very little “in house” IT skill. A lot of UK digital infrastructure is pretty shoddy because of a longstanding over reliance on external contracting combined with a lack of a decent technical core within the civil service. It feeds into a cycle where fixing things would be too expensive, even though maintaining broken and old stuff is expensive and difficult even without crises like these. It’s a mess.
Comment on Details of millions of UK voters accessed by Chinese state, ministers will say
HeartyBeast@kbin.social 7 months agoFrom what I can tell it was precisely because the Electoral Commission was not spending money with these kind of folks that they were breached. They were running on old software, poorly configured with minimal spend. They had just failed a security audit.
AnarchistArtificer@slrpnk.net 7 months ago
mannycalavera@feddit.uk 7 months ago
That might be the case here, fair. However it’s borderline inept that the UK government cannot maintain a dedicated security and audit team for our data. The fact that they have to rely to large consultancy firms that bind the government into inadequate long term contracts is a depressing shame.
If you’re interested check out the history of GDS and why it failed on its initial remit of encouraging more small to medium vendors. I’m not saying that would have helped here, but it highlights the problem of mega large multinational consultancy firms and their stranglehold over providing government services. The amount of money wasted will make your heart bleed.
HeartyBeast@kbin.social 7 months ago
You might find this interesting https://www.bbc.co.uk/news/technology-66709556