Wheatley Renews call for Security Audit of GoJ Websites and Online Services
Opposition Spokesman on Science, ICT & Digital Society Development, Dr. Andrew Wheatley, is renewing the Opposition’s call for the Government to immediately execute security audits on all government online services and websites, especially those which house sensitive citizen data. Additionally, Dr. Wheatley is recommending that all Government websites be directed to use the Hypertext Transfer Protocol Secure (HTTPS) security protocol on all its public websites and web-based services and ensure this is implemented as soon as possible.
Dr. Wheatley said: “The latest defacement of the JIS website and subsequent actions which have taken the Houses of Parliament website offline, is yet another indication that protective measures must be put in place immediately to guard against these attacks and enhance the security of Government websites. We have made the calls before but it appears as though they have fallen on deaf ears. It is evident that not enough is being done to stave off these cyber-attacks.”
Dr. Wheatley further stated: “This latest attack comes mere months after an extensive cyber-attack on Government, affecting over 20 websites, and only weeks after the launch of the Government's Cyber-Security Strategy. Clearly a greater level of urgency is needed. We feel that in the short-term:
Use of the Secure Hypertext Transfer Protocol (HTTPS) security protocol on all Government public facing websites and web-based services.
Clearly mandated security updates and audit cycles.
would significantly reduce the vulnerability of Government websites.”
In a February 2015 statement, Dr. Wheatley expressed the Opposition’s concern regarding the security status of Government websites. He said: "My information is that there are a number of online Government platforms which house sensitive information, but fall short of the mark where best practices relating to online security are concerned. Whether it be use of cyber-security best practices or implementation of proper administration and monitoring processes, many of these platforms are woefully inadequate in terms of security provisions."
In that statement the Opposition Spokesman demanded that the Government took steps to immediately execute security audits on all its online systems, with a view to employ more effective measures of securing the platforms on which government online services are run, and to secure the sensitive data that is stored on them.
Dr. Wheatley reiterates that the recent launch of the National Cyber-Security Strategy, while representing a move in the right direction, brings certain issues to the fore, including the Opposition’s concern regarding the implementation time-line for certain aspects of the strategy amid escalating global cyber-security threats.
Dr. Wheatley said in closing: “Cyber-security is of high importance both in the public and private sector, and it is in the interest of the nation that action be taken immediately to determine the status of all online services as it relates to the security that surrounds them. The Government cannot afford to adopt a, "Simple Simon" approach in its response to cyber attacks and threats.”