The UK Government, in the interests of saving money, says it wants to pass state secrets to the commercial data security sector. The government’s three security savings schemes were unveiled at the Infosecurity conference in London last week.
The Listed Advisor scheme, established by the Communications Electronic Security Group (CESG), part of the UK’s main electronic intelligence body, the Government Communications Headquarters (GCHQ), licenses trusted private security specialists to provide advice to a mixture of government departments and associated agencies which process sensitive information.
Under the CESG Assisted Product scheme (CAPS), independent firms receive technical assistance, including government algorithms which can be used in developing security products for government use.
The latest of the CESG plans called Check, involves using approved companies to checks the security of systems specified by the defence evaluation and research agency (DERA), and then publishing the results with recommended remedies and benefits to government security developers.
Government outsourcing has attained a new profile under Tony Blair’s Labour government, but trusting private companies with state secrets is not a totally new departure. GEC and Marconi have been working under private sector vetting systems for years, says Perri 6, a research fellow at government think-tank Demos. According to Perri 6, the outsourcing is merely a delegation of a lot of mathematical heavy lifting, and no cause for alarm over security vulnerability.
