The recent cyberattack in France which has compromised the data of around 8,700 people applying for visas to live and work in France has resulted in personal details being leaked, including passport numbers and addresses. The public sector’s responsibility for personal data is a vital part of the public services to continue to build credibility and trust for its citizens, and improve the level of service whilst the security is maintained. This is exactly the reason we see organisations like the Met Police in the UK emphasise network visibility in their cybersecurity strategy.
Public sector organisations should adopt privacy standards and controls as regulated markets do, such as banks and healthcare. GDPR was created by the EU to manage exactly these types of concerns and incidents of data leakage, but it’s not enough for public administration to write data privacy legislation, it’s also crucial they meet these requirements themselves.