back to article MoD: 27 per cent of our computers are secure

The Ministry of Defence has admitted that only 27 per cent of its computers (of those so far checked) are fully compliant with the government's security standards. Minister for the Armed Forces Bob Ainsworth, in answer to a parliamentary question, laid out the Ministry of Defence's IT security position: 58 per cent of systems …

COMMENTS

This topic is closed for new posts.
  1. Gordon Pryra

    Did he say that with a straight face?

    You can see why McKinnon wants to be tried in this country, I bet the American systems are the same, they would just never admit it

  2. Phil Endecott

    Alternative headline

    From those numbers you could also have chosen the headline "No computers fail security check", since all of the systems tested so far have either passed unconditionally or passed conditionally.

  3. Phillip Bicknell
    Linux

    Wrong side

    Reminds me of the old joke about the chap walking down Whitehall who asks "Which side is the War Office on?" Back comes the retort, "Ours, I hope!"

    Tux because he's secure :-)

  4. Chris Miller

    Point of order

    As I read it, for every 100 MoD machines:

    58 have been assessed of which:

    - 27 have passed

    - 31 have failed (in some major or minor fashion)

    42 remain to be fully checked.

    So it's really the case that 47% (27/58) of the machines that have been checked are secure.

    Here endeth the maths lesson.

  5. Nemo Metis
    Paris Hilton

    Re:Did he say that with a straight face?

    Why do you think they're throwing the book at him? They know the systems are less protected than an Essex girl's cherry, they just don't like it being shouted about.

    Paris.. well given the Essex girl comparison, there wasn;t anything else to choose really...

  6. N
    Joke

    dont they mean

    27% are not connected to the Internet?

  7. Anonymous Coward
    Anonymous Coward

    Percentages...

    Is the MOD missing an opportunity to present favourable numbers? They have checked 58% of their systems...that 58% represented by 27% being fully OK and 31% less than fully OK.

    So 27/58 or just under 47% of their systems are fully OK? And all things being equal (which they might not be) the 47% figure would only vary marginally whereas the 27% figure quoted will change dramatically.

  8. Paul
    Gates Horns

    the other 73%...

    must be running Windows.

  9. Steve
    Joke

    lol

    Must be hard to loose a complete network of computers on a train..

    Picture it now the MOD Guidelines as follows:-

    1. Dont leave desktop on train or other public transport

    2. Remeber to use a password (And not password as a password)

    Feel free to add more lol

  10. Dave
    Thumb Up

    Openness and transparency

    I think Mr Ainsworth should be praised for his full disclosure - it doesn't happen often!

    Plenty of work to get the accreditation status of the remainder up-to-speed; pity that there are insufficient MoD Accreditors...

  11. amanfromMars Silver badge

    Only half of the story ...

    The real fun begins whenever you are contracted to "break" MODified Operating System and render them liable to catastrophic attack with zero defence. That fairly causes them a few concerns and highlights some very glaring deficiencies/insufficiencies.

  12. Will

    I always love Lewis' definitions of classification levels...

    If that's how the military and MoD look on Secret, Confidential and Restricted then it's no wonder that so much stuff goes missing!

  13. Anonymous Coward
    Anonymous Coward

    Secret data

    "and to non-networked systems which contained data "above Secret" - in other words classified information of some importance. Information classified Secret and below (Confidential, Restricted) in the MoD is typically not very significant in a national security context"

    This is absolute bullshit of the highest order. Having worked on classified systems, systems and data protectively marked as SECRET most definitely are important in a national security context.

    Whilst it may be true tha tmuch data classified as RESTRICTED is not that important, SECRET definitely is.

    The level above SECRET is TOP SECRET. If your article was correct, then anything worth protecting would all be classified at TOP SECRET and would require everyone using those systems and data to be developed vetted, which is a very long and uncomfortable process to go through, and is only undertaken if absolutely necessary. People that are security cleared are not routinely DV'ed and do not have routine access to information at TOP SECRET.

    Your article is wrong.

  14. Anonymous Coward
    Anonymous Coward

    Heads up El'reg

    and Bob forgot to mention that the RAF is currently crippled by network outages due to a virus

  15. Anonymous Coward
    Anonymous Coward

    *Sigh*

    Lewis is always on with this "anything less than top secret is dull" stuff.

    The definition of SECRET, promulgated by the Cabinet Office, is 'information, the unauthorised disclosure of which is likely to cause grave damage to the interests of the nation'.

    Having said that, I agree that to have such a high proportion of systems with no accreditation, or interim/conditional accreditation, is an indictment. It's been a requirement for networked systems for well over a decade, now.

  16. Anonymous Coward
    Thumb Down

    Sigh

    "Information classified Secret and below (Confidential, Restricted) in the MoD is typically not very significant in a national security context - although it may be personal and private."

    This is incorrect.

    I've just decided to stop reading this website for a good while. If the information supplied as purported analysis is not at all reliable then what is the purpose?

    Goodbye.

This topic is closed for new posts.

Other stories you might like