Since 2018, HM Naval Base Clyde (Faslane) and the Royal Naval Armaments Depot (RNAD) at Coulport have collectively recorded 104 security breaches, ranging from minor infractions to breaches of personal electronic device zones and mis-accounted documentation, according to a recent Freedom of Information (FOI) response.

Between 1 January 2022 and 31 December 2022, HM Naval Base Clyde, commonly known as Faslane, recorded a total of 60 security incidents.

The term ‘security breaches’ encompasses a range of incidents including minor breaches, mis-accounted documentation, lost ID cards, and breaches of personal electronic device zones, among others.

The Royal Naval Armaments Depot at Coulport experienced fewer breaches over a longer period. The data, broken down by year, reveals the following:

  • 2018: 2 breaches
  • 2019: 13 breaches
  • 2020: 11 breaches
  • 2021: 9 breaches
  • 2022: 9 breaches

This data indicates a peak in security incidents in 2019, with a significant reduction in subsequent years.

In the response, the Navy Command FOI Section highlighted the diverse nature of the recorded security incidents, which include minor breaches, mis-accounted documentation, and General Data Protection Regulation (GDPR) breaches.

George Allison
George Allison
George has a degree in Cyber Security from Glasgow Caledonian University and has a keen interest in naval and cyber security matters and has appeared on national radio and television to discuss current events. George is on Twitter at @geoallison
Twitter

RELATED ARTICLESMORE FROM AUTHOR

1 COMMENT

  1. General Data Protection Regulation (GDPR) breaches typically concern Personal Identification Information in Human Resources systems.

    That depends on the correct implementation of Data Retention policy that is derived from Employment Law and so opened by legal services within MoD.

    GDPR builds on the UK Data Protection Act so that implementation of Data Retention policy has been an HR requirement for many years and should be automated so that no breach is possible. The HR systems have all the data required to do that because they support the Employment life cycle from Hire to Retire.

    It’s much more difficult to implement Data Retention policy in the systems that support the non HR processes e.g. Logistics and Maintenance that require integration with HR to know the Data Retention events.

    It all comes down to I.T. investment and delivery in practice which requires an effective Data Protection Officer to initiate and follow through.

LEAVE A REPLY

Please enter your comment!
Please enter your name here