Cyber security is more important than ever – and we take our duty to protect our customers’ data very seriously.
Today (28 January) is international Data Protection Day, and that seems like a good time to discuss some of the work we do at DVSA to keep your data safe.
The Information Management and Security (IMS) team at DVSA makes sure the data we use and collect across our services is secure.
We blocked more than 23,000 phishing attacks in 2019 alone
As a Government agency, we are often the target of hackers, terrorist groups and other nations who may be trying to use sophisticated cyber attacks to destabilise the UK.
That makes our job particularly difficult: in 2019 alone, we detected and blocked more phishing attacks than ever before.
Cyber criminals are smart, and their methods develop as quickly as technology does. That means there is a constant arms race between us and them – and it’s vitally important we stay one step ahead.
Our data keeps you safe
The data we deal with at DVSA comes from a wide range of sources - our customer-facing apps, such as the Testing and Registration System (TARS), the online MOT system and the Vehicle Operator Licensing service (VOL), our internal apps such as Yammer and Sharepoint, and the information we store and transfer across our network.
Importantly, a lot of the data we keep relates to road safety.
For instance, our systems include data on MOTs for private vehicles. Vehicles which fail an MOT are not legally allowed on UK roads, so this data helps root out drivers who choose to flout the law if their vehicle fails the test, and ultimately, that helps keep you safe on the roads.
We also hold data on vehicle assessments we carry out by the roadside – our teams play a vital frontline role removing dangerous vehicles from the road, and the data we collect ensures those vehicles aren’t allowed back on the road until they are safe.
If we experience problems with our data security, that could have a negative knock-on effect on road safety in the UK.
So, as the operational security manager in the IMS team, I can’t stress how important our work is.
Online data is now a battleground
Personal data has become a new battleground with the growth of the Internet – now most people are connected via a smartphone in their pocket, and many websites require passwords and personal data which most of us would never share with a stranger face-to-face.
The General Data Protection Regulation, known as GDPR, was implemented by the EU in 2018 and aims to set out the rules of this new front. The regulations underline the trust that customers place in organisations online – and the responsibility of those organisations to store and use customer data safely.
There are fines of up to €20 million (around £17 million) for non-compliance with GDPR – so if losing the trust of your customers and potentially exposing them to risk wasn’t a good enough reason to treat their data seriously, there’s a clear financial incentive too.
All this means our IT security professionals have to get to grips with new software and increasingly sophisticated attacks on an almost daily basis. New system vulnerabilities emerge regularly and threaten the integrity of our networks and services. It’s the job of the IMS team to ensure our systems are robust and resistant to attack.
Is this the sort of challenge that sounds interesting to you?
We’re currently recruiting for cyber security roles at DVSA. You can view our current digital vacancies and apply at Civil Service Jobs: https://www.civilservicejobs.service.gov.uk/csr/index.cgi?SID=dXNlcnNlYXJjaGNvbnRleHQ9OTMxMzIyMzkmcGFnZWNsYXNzPUpvYnMmcGFnZWFjdGlvbj1zZWFyY2hieWNvbnRleHRpZCZrZXk9NTA3MDAwMCZyZXFzaWc9MTU4MDEzODEwOS1hYTc2ODUxYTQ5ZDljODM0ZGE1MDE2ZjVkNmFkOWViODdhNDJmOWI5