The Ministry of Defence has admitted that only 27 per cent of its computers (of those so far checked) are fully compliant with the government's security standards.
Minister for the Armed Forces Bob Ainsworth, in answer to a parliamentary question, laid out the Ministry of Defence's IT security position:
58 per cent of systems have been through the accreditation process. Of these, 27 per cent of systems are classed as fully accredited and are being operated in a manner within the MOD’s Senior Information Risk Owner (SIRO)’s risk appetite; 31 per cent of systems are currently classed as having conditional or interim accreditation with constraints placed on the operation of the system to ensure that identified risks are adequately managed within SIRO’s risk appetite.
The balance of systems (42 per cent) are in the process of being accredited.
Ainsworth said that the figures applied only to computers which were connected to networks, any which contained "sensitive or personal data", and to non-networked systems which contained data "above Secret" - in other words classified information of some importance. Information classified Secret and below (Confidential, Restricted) in the MoD is typically not very significant in a national security context - although it may be personal and private.
The figures did not cover stand-alone systems rated Secret and below, or non-networked machinery without any private data in it. ®