top of page

Harold Wilson – Affair with Secretary is just another example of secrets and lies at No10

Janet climbed the stairs slowly towards the bedroom. She knew what she was doing was a betrayal of her wedding vows, and he was betraying his too.

It had been a long day in the office, and she needed to be alone with the man who she had spent the last few hours with, in the company of some of the countries most powerful and influential people.

Her secret affair was heavy upon her shoulders, and it would be a secret should would keep until the day she died. She knew the Prime Minister, Harold Wilson, would do the same.

She died nursing a secret which never leaked from Downing Street, the most notorious leaky building in Britain.

What does this have to do with Information Security?

Before I start this blog, let me say that there is not intended to be an attack on the late UK Prime Minister, Harold Wilson or anyone associated with him. It’s also not on an attack on the UK government.

What follows is a look at a story about two people, both in positions of power and influence.

What follows is a story about the importance of segregation of duties, and the risks associated to security, because we are all human.

What do we know?

In April this year it was revealed in a Times article that the former Labour Prime Minister, Harold Wilson (1916 – 1995) had an affair with his press secretary, Mrs Janet Hewlett-Davies, who was 22 years his junior. 

Other than this, we know very little about the affair as both parties are no longer with us, and kept the secret throughout their lives.

What the story reveals is one that is played out in organisations with world over. You yourself might be aware of affairs that are going on in the halls of power in your organisation. Perhaps you are one of those involved?

We know that relationships are complicated things, and it is the human condition to feel validated, admired, and significant.  But the reason why people have affairs isn’t the focus of this blog.

What is of interest to people like me, is that when relationships become entangled in the workplace, things can go wrong, very quickly and it doesn’t have to be an affair.

How I upset the HR Director

Some time ago, I worked with a large law firm whose HR Director, responsible for hiring and firing people, was married to the Head of Payroll.  In my review of risks to the business I stated that “There was a risk of collusion to defraud the firm, by individuals who worked in departments where financial gain could be the motivation.”  This was my ‘polite’ way of saying that the HR Director could easily invent employees, and the Payroll Manager could change records to pay these phantom employees. 

Perhaps it was the exuberance of youth (it was a LONG time ago) that made me think this wouldn’t upset these people.  But it clearly did. I haven’t heard a HR director use that kind of language before, or since.

But my point was and still is valid.

Relationships at work present a unique risk

It doesn’t matter if that relationship is between two people who are openly engaged in a relationship, or if they are embroiled in an affair.

Our jobs, as information security professionals is to identify risks, and the risk of collusion to perpetrate fraud, or where top secret information can be revealed is a genuine risk we need to be alive to.

Why is this an issue for us?

As Tina Turner once said “What’s Love got to do with IT”? Well… quite a lot actually.

Relationships become complicated because humans themselves are complex beings. Why? Because we are emotional beings, not thinking machines.  We evolved to ‘feel’ before we think. Our amygdala (the part of the brain that deals with emotions) evolved before our cerebrum, which is the largest part of our brain, and handles the thinking part.

Side Note: This is why the phrase “Think before you click” doesn’t make sense or work! Because before we ‘think’, we ‘feel’.

Segregation of duties

If you’ve implemented ISO27001 then you’ll know that one of the Annex A controls is “Segregation of Duties” (A5.3). The expectation is that conflicting duties and conflicting areas of responsibility are segregated. The purpose of the control is to reduce the risk of fraud, error, and bypassing of information security controls.

This is a control that should apply to digital systems and human interactions.

Where there is a risk of fraud, then efforts need to be made to segregate the duties. For example, where possible, you shouldn’t have the same person handling the incoming invoices and payments process. If this is the case, then you would need to implement additional controls such as regular audits and checks of the process.

“The course of true love never did run smooth” – William Shakespeare

But what happens when it all goes wrong?

When looking at the affair between Harold Wilson and Janet Hewlett-Davies we know that they both took the secret to their grave. But consider for a moment the risks involved in this relationship.

Being the Prime Minister means that we have a person in a position of considerable power, conducting an extra-marital affair with someone who is also married.  Should that news become public, then it would cause considerable personal and professional damage.

What would the opposition party, the Conservatives, done with this information?

What about a foreign power?

What would Harold Wilson and Janet Hewlett-Davies be willing to do to keep their affair secret?

Blackmail is still a primary tool in the arsenal of those who wish to exert power and influence over people.

How, or if this relationship ended, we will never know.  But we know that not all relationships (or affairs) end well.  What would have happened if Harold Wilson had ended the affair? Would Janey Hewlett-Davies simply accept it, and continue to keep his confidence? Perhaps she would seek retribution?

As the saying goes “Hell hath no fury like a woman scorned”. Would she be willing to betray their secret and take it to the press or to some other political group?

What does this mean for us today?

I’m not saying you should ban romantic relationships in the workplace. This would be almost impossible and rather draconian! But I say that you need to be alive to the risks associated to them.

Where there is a risk of collusion or damage to the business because of a relationship, current or passed, you need to apply additional controls.

It’s not easy, and it makes for some hard conversations! But sometimes, the hard conversations are the most important ones to have.

More questions?

If you need with information security, or need help having those tough conversations then get in touch with Consultants Like You! We’re happy to have a cuppa to discuss where you are, and how we can help.

10 views0 comments


Los comentarios se han desactivado.
bottom of page