Did he say that with a straight face?
You can see why McKinnon wants to be tried in this country, I bet the American systems are the same, they would just never admit it
The Ministry of Defence has admitted that only 27 per cent of its computers (of those so far checked) are fully compliant with the government's security standards. Minister for the Armed Forces Bob Ainsworth, in answer to a parliamentary question, laid out the Ministry of Defence's IT security position: 58 per cent of systems …
As I read it, for every 100 MoD machines:
58 have been assessed of which:
- 27 have passed
- 31 have failed (in some major or minor fashion)
42 remain to be fully checked.
So it's really the case that 47% (27/58) of the machines that have been checked are secure.
Here endeth the maths lesson.
Why do you think they're throwing the book at him? They know the systems are less protected than an Essex girl's cherry, they just don't like it being shouted about.
Paris.. well given the Essex girl comparison, there wasn;t anything else to choose really...
Is the MOD missing an opportunity to present favourable numbers? They have checked 58% of their systems...that 58% represented by 27% being fully OK and 31% less than fully OK.
So 27/58 or just under 47% of their systems are fully OK? And all things being equal (which they might not be) the 47% figure would only vary marginally whereas the 27% figure quoted will change dramatically.
"and to non-networked systems which contained data "above Secret" - in other words classified information of some importance. Information classified Secret and below (Confidential, Restricted) in the MoD is typically not very significant in a national security context"
This is absolute bullshit of the highest order. Having worked on classified systems, systems and data protectively marked as SECRET most definitely are important in a national security context.
Whilst it may be true tha tmuch data classified as RESTRICTED is not that important, SECRET definitely is.
The level above SECRET is TOP SECRET. If your article was correct, then anything worth protecting would all be classified at TOP SECRET and would require everyone using those systems and data to be developed vetted, which is a very long and uncomfortable process to go through, and is only undertaken if absolutely necessary. People that are security cleared are not routinely DV'ed and do not have routine access to information at TOP SECRET.
Your article is wrong.
Lewis is always on with this "anything less than top secret is dull" stuff.
The definition of SECRET, promulgated by the Cabinet Office, is 'information, the unauthorised disclosure of which is likely to cause grave damage to the interests of the nation'.
Having said that, I agree that to have such a high proportion of systems with no accreditation, or interim/conditional accreditation, is an indictment. It's been a requirement for networked systems for well over a decade, now.
"Information classified Secret and below (Confidential, Restricted) in the MoD is typically not very significant in a national security context - although it may be personal and private."
This is incorrect.
I've just decided to stop reading this website for a good while. If the information supplied as purported analysis is not at all reliable then what is the purpose?
Goodbye.