Getting back to basics on government cybersecurity, the latest on digital ID, and more

Welcome to the Digital and Data Monitor. In this edition, we look at how governments are working to embed cybersecurity by design and the latest initiatives to implement digital ID systems while also building trust with citizens.

Later this month, Public Service Data Live will take place in London and we interview one of the speakers, NHS chief data and analytics officer Ming Tang.

Richard Johnstone
Executive editor
Global Government Forum

In this edition:

• Governments urged to get back to basics to stay ahead of cybersecurity threats 
• US National Institute of Standards and Technology releases new draft of digital identity proofing guidelines
• Can governments get citizens on board for digital ID?
• Get ready for Public Service Data Live
• Exclusive research: Fostering an agile, digital and risk-taking culture focused on delivery

Governments urged to get back to basics to stay ahead of cybersecurity threats

Government institutions are a common target for cybercriminals and state-sponsored actors, presenting an ever-growing risk to their systems and assets.  

On a recent Global Government Forum webinar, experts from the US federal government, the United Nations and the private sector discussed how they are working to improve cybersecurity as well as services for users. 

The challenge: Paul Selby, deputy chief information officer and chief information security officer in the US Department of Energy’s Office of the Chief Information Officer, gave a frank appraisal of the situation today. Despite industry and governments talking about cybersecurity for many years, he said: “Honestly, if we were to do an objective assessment, I think we’d have to give ourselves very poor marks for where we actually are in cybersecurity.”

“It’s really the basic cyber hygiene that I think we need to do a better job on,” he said, pointing out that too many applications still don’t include multi-factor authentication, data encryption or data at rest, for example.

Taking responsibility for cyber: Selby discussed the Department of Energy’s cybersecurity strategy, which was launched earlier this year, based on the federal government’s five-pillar national strategy. “One of the principles of the administration’s National Security Strategy is to take the responsibility for cybersecurity out of the end users’ hands and put it into [those of] organisations that are much more capable of dealing with this,” he said. 

Help and help alike: Yu Ping Chan, head of digital partnerships and engagement at the United Nations Development Programme (UNDP), discussed the need for collaboration across borders to support less developed countries who may not be as well equipped to tackle cybersecurity issues.  

A global developmental challenge: “We see cybersecurity as a developmental challenge, not just a cybersecurity or technical challenge in and of itself,” Chan said. “Cybersecurity is also important on the global stage, not just for individual countries.” 

Read the full report from the session: Find out how governments are adopting zero trust approaches and the role AI will have in the landscape of cyber threats

US National Institute of Standards and Technology releases new draft of digital identity proofing guidelines

The US National Institute of Standards and Technology (NIST) has set out a draft update to its digital ID guidance for federal government organisations on verifying service users online.

What it covers: The new draft sets out the fundamental processes for verifying user ID online and offers alternative security methods, such as passkeys to mobile drivers’ licences. Facial recognition was also raised as a possible new feature of digital ID infrastructure. 

The draft guidelines have been updated to reflect the robust feedback that NIST received in 2023 as part of a four-month-long comment period and a year of external engagement.

Where is digital ID in the federal government? Federal agencies currently use a version of the guidelines rolled out in 2017. Once the consultation is completed on these draft guidelines, NIST’s aim is to produce a final version in 2025.  

The objective: Jason Miller, deputy director for management at the US Office of Management and Budget, said that the update “highlights the Biden-Harris administration’s commitment to strengthening anti-fraud controls while ensuring broad and equitable access to digital services”.

The revisions are intended to “help federal agencies better defend against evolving threats while providing critical benefits and services to the American people, particularly those that need them most”, Miller said.

‘As many pathways as possible’: Ryan Galluzzo, NIST’s digital identity programme lead, said that the agency would keep as many pathways to secure online access to services open as possible.  

“We want to open up the use of modern digital pathways while still allowing for physical and manual methods whenever they may be necessary,” Galluzzo said.

Read more: US National Institute of Standards and Technology refreshes digital ID guidelines 

Can governments get citizens on board for digital ID?

An upcoming Global Government Forum webinar will look at how governments around the world can develop the use of digital identities.

Why this matters: Global Government Forum’s Digital Leaders Study 2023 identified digital ID systems as an essential capability in realising visions of more seamless services that wrap around the user. However, some have acknowledged that there is a need for ‘mythbusting’ about digital ID projects to boost citizen backing.

Exclusive webinar: Find out how governments can implement digital ID systems – and build trust and confidence among citizens. The event will hear from public servants in Estonia, Norway, Finland and the United States on the service improvements that have been unlocked where governments have developed and implemented digital IDs, and how governments have been able to gain – and maintain – public support for these programmes.

Register now: The event takes place on 24 September

Where governments are making progress on digital ID: Many countries are currently implementing digital ID programmes. The government of Indonesia has embarked on a digital transformation programme, with digital identity and cloud data storage among the areas of focus, while the Malaysian government is set to make its digital ID service available to the public later this year. Australia has moved forward with plans to develop a national digital ID, expanding on existing digital IDs for full use across national, state and territory governments.

Making online transactions easier and safer: Setting out the thinking behind the digital ID last year, Katy Gallagher, Australia’s minister for finance, said the provisions of the bill aimed to make all online transactions easier and safer for Australians. She said improving online safety was a priority for the government, and that there would be strong independent oversight of digital ID.

UK streamlines access: In the UK, the government is developing a single login to make it easier for people to quickly access the services they need, and to improve data sharing across the public sector. The One Login system will allow users to create a government account to access services online, and is already being used by 30 government services and more than 3.8 million people have so far proven their identity through the system, according to a parliamentary answer in March.

Mythbusting: However, some countries have struggled with implementing digital ID systems. The UK government published a mythbusting article over its plans to develop digital identity verification for online services to address “several misconceptions” about the One Login programme. The Government of Canada is also examining the potential of digital credentials to better join up services.

Reminder: Join GGF’s upcoming webinar, Digital ID: Can governments get citizens on board?

Get ready for Public Service Data Live

Global Government Forum’s Public Service Data Live conference returns on Thursday 19 September with an agenda focused on how data and artificial intelligence can help unlock better government services.

The second annual conference, held at the Business Design Centre in London, will hear from leaders from across the UK government and wider public sector on how to improve the way data and AI are used in the public service.

Sharing insight: This highly anticipated event comes less than 100 days after the UK general election led to the creation of a majority Labour government, and this engaging programme of sessions and roundtables will be a key opportunity for senior public servants to set out the emerging digital and data priorities of the new administration.

Government rewired: The conference is one of the first major UK digital government events to be held since it was announced that the three central digital agencies – the Government Digital Service, the Central Digital and Data Office and the Incubator for AI – will move from the Cabinet Office to the Department for Science, Innovation and Technology. Speakers at the event will discuss the work being done across government to meet the objective of “driving forward the digital changes needed to overhaul the British public’s experience of interacting with the government”.

Data needs diverse thinking: Speakers at the event will include NHS chief data and analytics officer Ming Tang, who has been interviewed by Global Government Forum.

“I am totally inspired by the digitalisation work by the Indian government”: Tang highlights the work of digitisation in the world’s most populous country, noting how it has enabled digital patents and the formulation of digital identity for 1.3bn people. “The approach was not mandated and provided ease and convenience for the citizen to pull them in and transformed the Indian economy over 10 years,” she says.

Find out more at Public Service Data Live: Tang will take part in a panel discussion on the Ada Lovelace stage on the topic of using data to deliver world-class government services. She will be joined by Gina Gill, chief strategy officer, Central Digital and Data Office, and Tariq Khan, chief digital and information officer, London Borough of Camden.

If you are a public servant, you can register to attend Public Service Data Live for free here.

Exclusive research: Fostering an agile, digital and risk-taking culture focused on delivery

Global Government Forum research has revealed the key characteristics needed in a modern public service, with priorities ranging across leadership, digital service delivery, workforce development, cross-departmental integration, and citizen trust.

The Making Government Work report is the result of interviews with 12 senior civil service leaders from around the world, and identified five pillars that are key to effective government:

• Strong leadership with mutual respect and alignment between ministers and senior officials
• Building a highly skilled, inclusive and thriving public sector workforce.
• Fostering an agile, digital and risk-taking culture focused on delivery.
• Implementing working structures that transcend organisational silos.
• Cultivating a service trusted by its users and the public.

Agile, digital and risk-taking: This third pillar focused on how to use digital to drive more agile government.

Transformative technology: The leaders say the most transformative factor shaping the future of civil service work is technology, particularly technology such as large language models (LLMs) and artificial intelligence (AI), especially generative AI. Our research indicates that AI is set to revolutionise not only internal operations but also how services are delivered to the public.

Getting AI right: Yet, embracing AI is not without its perils – and we will share more information on these findings in next week’s AI Monitor newsletter. But importantly, the research also highlighted that the groundwork for AI in government must be robust digital foundations – competent data management and secure, interoperable systems are prerequisites.

Keeping pace with digital expectations: Civil service leaders highlight that governments can’t escape the comparison between the digital services provided in the wider economy on phones and other digital devices. One of the leaders we spoke to said: “Digital systems have to be really good, and ours are not.”

This official said antiquated, clunky systems make it difficult to provide more agile services to users and improve back-office services. This is a common, recurring concern. During a recent interview as part of GGF’s Government Transformed podcast series, Kevin Cunnington, former director-general of the UK’s Government Digital Service and now executive adviser for Global Government Forum, highlighted a common issue in digital service reform: superficial enhancements that do not address underlying inefficiencies. The requirement, as one official said. is to “change the system as you operate it”.

Read in full: Exclusive Global Government Forum research reveals five pillars of a modern civil service

Plus, more on legacy tech: A recent partner content article from TPXimpact, published on Global Government Forum, looks at the impact of legacy tech: Solving the legacy puzzle: getting technology right in government to transform public services

Thanks again for reading this month’s newsletter. Please get in touch on email or X to share your thoughts on digital transformation in government.

Related Posts

• 

  10-year health plan for England bets big on digital
  10-year health plan for England bets big on digital
• 

  UK reforms data rules to improve public sector sharing
  UK reforms data rules to improve public sector sharing
• 

  Public sector fintech moves up a gear as Dublin hosts fourth Global Government Fintech Lab
  Public sector fintech moves up a gear as Dublin hosts fourth Global Government Fintech Lab
• 

  Global Government Fintech Lab in Dublin on 11 June 2025: register now
  Global Government Fintech Lab in Dublin on 11 June 2025: register now