Public and private sector providers London have been advised of the risks of ‘data dumping’, whilst they attempt to abide by the newly issued Government Security Classifications Policy (GCSP).
Under the recently announced declaration, security departments and affiliated parties have only 9 months to re-classify their data from utilising the ongoing 6 levels of restrictive grading to 3, and ought to put through the modifications consistently as portion of a unified risk-management procedures, articulated consultancy company Auriga.
While giving a chance for government sections, authorities and their private sector providers to simplify their categorisation; the corporation warned that the procedure may prove unpleasant initially, as London establishments reassess information, specify categories and adapt their risk management attitude.
The GCSP will scale down the 6 levels of the Government Protective Marking System (GPMS) of ‘top secret, secret, confidential, restricted, protected and unclassified’ to ‘top secret, secret and official’. These have a suggested commencement date of April 2014. The classifications will be required to be in situ to assist guide the supporting security risk management procedures and produce a more knowledgeable risk-driven approach to the administration of the company procedures.
A subject matter expert at Auriga, remarked that a information categorisation scheme ought to be an intrinsically expression of any establishment’s commercial data lifecycle procedures, with the method to risk management, and the requisite degree of sureness, determined through the features of each security categorisation.
The GSCP are able to assist sectors and security organisations to realise the commercial and security benefits from this; it is essential that commercial data categorisations are considered effectively and structured with the establishment’s data lifecycle procedures, and not carried out in hastiness.
The managing director of Auriga remarked: “Departmental preparation needs to be thorough where possible and involve considerable business and process changes in order to gain a more effective security and functional practices and the necessitated cultural changes and reforms that the procedures hope to render. That requires time and patience from company but GSCP is essentially a pattern for adjustment and change in management.”