Cybersecurity is a shared responsibility: Lessons for public institutions in a digital era | Daily FT
headphones
Listen to the eFinder podcast briefing
Generate a natural audio summary of this story
Daily briefing
What to know about Cybersecurity is a shared responsibility: Lessons for public institutions in a digital era
Friday May 08, 2026 Friday, 8 May 2026 02:40 - - {{hitsCtrl.values.hits}} High-profile incidents affecting state financial systems and public institutions have shown how cyberattacks can erode public trust, raise concerns about governance and institutional…
Claims checked
13
Techniques found
0
Topics
0
Coverage spectrum
Coverage gap: Low Left coverage5 sources compared across this story cluster. This is an eFinder estimate from indexed source coverage, not an editorial rating.
What happened
Friday May 08, 2026 Friday, 8 May 2026 02:40 - - {{hitsCtrl.values.hits}} High-profile incidents affecting state financial systems and public institutions have shown how cyberattacks can erode public trust, raise concerns about governance and institutional…
Why it matters
While investigations are ongoing and facts continue to emerge, the episode offers something more valuable than outrage or blame.
Common ground
It brings into focus the need to pay closer attention to cybersecurity frameworks and to give greater priority to information governance in public institutions.
Perspective signals
No major persuasion pattern has been attached yet, so the source, headline, and evidence should carry most of the weight for readers.
Follow-up questions
- What concrete event or decision sits underneath the headline: Cybersecurity is a shared responsibility: Lessons for public institutions in a digital era?
- What evidence would most clearly confirm or weaken the claim that In 2020, the United Kingdom’s National Health Service reported a surge in phishing attempts during the COVID-19 pandemic?
- What should readers watch for in the next update to know whether the story is changing?
open_in_new
Read the original article: https://www.ft.lk/opinion/Cybersecurity-is-a-shared-responsibility-Lessons-for-p…
fact_checkClaims Checked
eFinder analyzed this article and checked 13 claims against available evidence, cross-references, web search, and Wikipedia. Here is what the fact-checking layer found.
info
Single Source
5
schedule
Pending
3
check_circle
Corroborated
3
help
Insufficient Evidence
2
Claim 1: “In 2020, the United Kingdom’s National Health Service reported a surge in phishing attempts during the COVID-19 pandemic”
SINGLE SOURCE
The search results provide general information about the UK but do not mention NHS phishing surges in 2020.
travel_explore
web search
NEUTRAL
— The UK is a constitutional monarchy and parliamentary democracy [o] with three distinct jurisdictions: England and Wales, Scotland, and Northern Ireland. Scotland, Wales and Northern Ireland have thei…
https://en.wikipedia.org/wiki/United_Kingdom
https://en.wikipedia.org/wiki/United_Kingdom
travel_explore
web search
NEUTRAL
— Find out more about our bustling cities, striking coastal routes and inspirational outdoor adventures. Discover captivating attractions and unmissable experiences as we reveal the top things to do in …
https://www.visitbritain.com/en
https://www.visitbritain.com/en
travel_explore
web search
NEUTRAL
— 14 hours ago · What is the United Kingdom? Which countries make up the United Kingdom? Where is the United Kingdom located on a map? What type of government does the United Kingdom have? What is the r…
https://www.britannica.com/place/United-Kingdom
https://www.britannica.com/place/United-Kingdom
Claim 2: “In Singapore, public officers undergo compulsory digital security training that includes simulated phishing exercises.”
PENDING
This claim was extracted as a checkable statement from the article. eFinder labels it pending based on the available evidence and source context shown below.
Claim 3: “Thirty eight percent of public sector respondents reported insufficient cyber resilience, compared to just ten percent of medium-to-large private sector organisations.”
CORROBORATED
Two independent sources explicitly confirm the statistics from the WEF 2025 report: 38% of public sector respondents reporting insufficient resilience versus 10% of medium-to-large private sector organizations.
travel_explore
web search
NEUTRAL
— Figure B: Organizations reporting insufficient cyber resilience. Click to enlarge.The public sector is disproportionately affected, with 38% of respondents reporting insufficient resilience, compared …
https://www.weforum.org/publications/global-cybersecurity-ou…
https://www.weforum.org/publications/global-cybersecurity-ou…
travel_explore
web search
NEUTRAL
— Global Cybersecurity Outlook 2025 5. These are the key findings from this year’s report and the main trends that executives will need to navigate in 2025: Supply chain vulnerabilities are emerging as …
https://www.quintessencelabs.com/hubfs/PDFs/WEF-Global-Cyber…
https://www.quintessencelabs.com/hubfs/PDFs/WEF-Global-Cyber…
travel_explore
web search
NEUTRAL
— The WEF found 38% of public sector respondents reported insufficient resilience, compared to just 10% of medium-to-large private sector organizations.
https://blog.kowatek.com/2025/01/13/wef-warns-of-growing-cyb…
https://blog.kowatek.com/2025/01/13/wef-warns-of-growing-cyb…
Claim 4: “According to the World Economic Forum’s Global Cybersecurity Outlook 2025, 72 percent of organisations reported an increase in cybersecurity risks, with the public sector disproportionately affected.”
CORROBORATED
The World Economic Forum's Global Cybersecurity Outlook 2025 is explicitly cited by multiple sources as reporting that 72% of organizations saw an increase in cybersecurity risks.
menu_book
wikipedia
NEUTRAL
— The Global Social Mobility Index is an index prepared by the World Economic Forum. The inaugural index from 2020 ranked 82 countries and has not been updated since. The Index measures social mobility …
https://en.wikipedia.org/wiki/Global_Social_Mobility_Index
https://en.wikipedia.org/wiki/Global_Social_Mobility_Index
menu_book
wikipedia
NEUTRAL
— The World Economic Forum (WEF) is an international advocacy non-governmental organization and think tank, based in Cologny, canton of Geneva, Switzerland. It was founded on 24 January 1971 by German e…
https://en.wikipedia.org/wiki/World_Economic_Forum
https://en.wikipedia.org/wiki/World_Economic_Forum
menu_book
wikipedia
NEUTRAL
— Forum of Young Global Leaders, or Young Global Leaders (YGL), is a non-profit globalist organization. The organization was created by Klaus Schwab, founder of the World Economic Forum and is managed f…
https://en.wikipedia.org/wiki/Young_Global_Leaders
https://en.wikipedia.org/wiki/Young_Global_Leaders
+ 3 more evidence sources
Claim 5: “FBI Internet Crime Complaint Center data shows that business email compromise (BEC) has caused more than USD 5 billion in reported losses globally in 2021 and 2022 alone.”
SINGLE SOURCE
The provided web search results for this claim are completely irrelevant (color picker tools) and do not contain any data regarding FBI IC3 or BEC losses.
travel_explore
web search
NEUTRAL
— Upload an image, paste from clipboard, or enter a URL to instantly pick colors. Get HEX, RGB, HSL codes free — no signup required.
https://imagecolorpicker.com/
https://imagecolorpicker.com/
travel_explore
web search
NEUTRAL
— Pick any color from an Image, PDF-File, Website or anywhere on your Screen and get the Hex code. Use our Color Picker for Free and without downloading a Tool!
https://pickcoloronline.com/tutorials/pick-color-from-websit…
https://pickcoloronline.com/tutorials/pick-color-from-websit…
travel_explore
web search
NEUTRAL
— Generate color palettes instantly from any website effortlessly. Enter a URL to explore color schemes and combinations directly from the site's design. No sign-up required. Try it now!
https://colorize.design/
https://colorize.design/
Claim 6: “The recent cyber incident involving Sri Lanka’s Treasury offers a timely moment to reflect on how cybersecurity is approached within Government institutions.”
CORROBORATED
Multiple independent web search results confirm a cyber fraud/theft incident involving Sri Lanka's Treasury totaling approximately $2.5 million.
travel_explore
web search
NEUTRAL
— Speed Read: COLOMBO- Sri Lanka's $2.5 million Treasury cyber theft has exposed a troubling contradiction at the heart of its digital governance: a major financial breach unfolding despite the presence…
https://cir.lk/sri-lankas-treasury-heist-exposes-gaps-in-deb…
https://cir.lk/sri-lankas-treasury-heist-exposes-gaps-in-deb…
travel_explore
web search
NEUTRAL
— Sri Lanka's Ministry of Finance confirms a major cyber fraud involving $2.5 million diverted during a debt repayment transaction. The incident exposes serious vulnerabilities in national financial cyb…
https://www.virakesari.lk/article/244408
https://www.virakesari.lk/article/244408
travel_explore
web search
NEUTRAL
— Regardless of the investigation's outcome, this incident underscores the urgent need for Sri Lanka to strengthen its financial cybersecurity infrastructure. The country must invest in robust security …
https://www.srilankanewsnetwork.com/sri-lanka-25m-treasury-h…
https://www.srilankanewsnetwork.com/sri-lanka-25m-treasury-h…
Claim 7: “A national survey of public officials conducted in 2021 by the Sri Lanka Computer Emergency Readiness Team (SLCERT) found that policy awareness was at a very low level, that many organisations had not implemented core information security policies, and that only a small proportion of ICT officers possessed basic security knowledge”
PENDING
This claim was extracted as a checkable statement from the article. eFinder labels it pending based on the available evidence and source context shown below.
Claim 8: “In 2017, the WannaCry ransomware attack paralysed parts of the UK’s National Health Service, cancelling thousands of appointments and delaying critical care.”
SINGLE SOURCE
The search results for this claim are completely irrelevant (CAPTCHAs and UNESCO sites) and do not mention the WannaCry attack.
travel_explore
web search
NEUTRAL
— This question is for testing whether you are a human visitor and to prevent automated spam submission. What code is in the image? Your support ID is: 18377829284959595140.
https://whc.unesco.org/en/newproperties/meeting=28COM&mode=t…
https://whc.unesco.org/en/newproperties/meeting=28COM&mode=t…
travel_explore
web search
NEUTRAL
— new sites added to UNESCO World Heritage List Nominations to be examined Cultural properties Aqueduct of Padre Tembleque, Renaissance Hydraulic Complex in America (Mexico) Arab-Norman Palermo and the …
https://whc.unesco.org/en/newproperties/
https://whc.unesco.org/en/newproperties/
travel_explore
web search
NEUTRAL
— This question is for testing whether you are a human visitor and to prevent automated spam submission.
https://whc.unesco.org/en/newproperties/?meeting=34COM&mode=…
https://whc.unesco.org/en/newproperties/?meeting=34COM&mode=…
Claim 9: “IBM’s 2025 Cost of a Data Breach Report... identifies human related factors as among the leading contributors to data breaches, with the global average cost of a breach now standing at USD 4.4 million.”
INSUFFICIENT EVIDENCE
No evidence was provided or found in the search results for this claim.
Claim 10: “In 2019, a local Government in Florida lost nearly USD 700,000 after officials received emails that appeared to come from a trusted construction contractor.”
SINGLE SOURCE
The search results discuss BEC generally and a Toyota subsidiary, but provide no evidence regarding a 2019 Florida local government loss of $700,000.
travel_explore
web search
NEUTRAL
— Business email compromise (BEC) is a type of cybercrime in which a threat actor uses an email information-seeking scam to target a business to defraud the entire organization. Using social engineering…
https://www.teramind.co/blog/business-email-compromise-examp…
https://www.teramind.co/blog/business-email-compromise-examp…
travel_explore
web search
NEUTRAL
— Toyota Subsidiary Lost Over $37 Million in BEC Scam.The expected financial loss following the incident that took place on August 14 is of roughly 4 billion yen maximum (as of 5 September), which trans…
https://www.bleepingcomputer.com/news/security/over-37-milli…
https://www.bleepingcomputer.com/news/security/over-37-milli…
travel_explore
web search
NEUTRAL
— Key Characteristics of BEC Scams. A business email compromise (BEC) scam is a type of cyber fraud that typically involves manipulating business email accounts to trick companies, their employees, or t…
https://www.paloaltonetworks.com/cyberpedia/types-of-busines…
https://www.paloaltonetworks.com/cyberpedia/types-of-busines…
Claim 11: “The 2020 SolarWinds incident in the United States illustrated this type of risk clearly. By compromising a widely used software update, attackers gained access to multiple Government departments.”
INSUFFICIENT EVIDENCE
No evidence was provided or found in the search results for this claim.
Claim 12: “In 2018, the city of Atlanta spent over USD 17 million to recover from a ransomware attack that disrupted court systems, utility billing, and police operations.”
SINGLE SOURCE
The search results discuss Olympia, Washington, but provide no information regarding a 2018 ransomware attack in the city of Atlanta.
travel_explore
web search
NEUTRAL
— Olympia (Lushootseed: st̕əč̓as) is the capital city of the U.S. state of Washington. The population was 55,605 at the 2020 census, while the Olympia metropolitan statistical area has an estimated 300,…
https://en.wikipedia.org/wiki/Olympia,_Washington
https://en.wikipedia.org/wiki/Olympia,_Washington
travel_explore
web search
NEUTRAL
— What will Olympia look like in 2045? Help us update the City's Comprehensive Plan. The SWMP Plan lays out the actions we will take to protect our local water. Help us create a site development plan fo…
https://www.olympiawa.gov/
https://www.olympiawa.gov/
travel_explore
web search
NEUTRAL
— Intercity Transit seeks comments from riders and the community on the proposed 2027-2030 Transportation Improvement Program (TIP), which is a summary of planned projects that may include and use feder…
https://www.intercitytransit.com/
https://www.intercitytransit.com/
Claim 13: “In the United Kingdom civil service, mandatory cybersecurity awareness training is required for all staff”
PENDING
This claim was extracted as a checkable statement from the article. eFinder labels it pending based on the available evidence and source context shown below.
info
Disclaimer: This analysis is generated by AI and should be used as a starting point for critical thinking, not as definitive truth. Claims are verified against publicly available sources. Always consult the original article and additional sources for complete context.