Baroness Manzoor
Main Page: Baroness Manzoor (Conservative - Life peer)Department Debates - View all Baroness Manzoor's debates with the Ministry of Defence
(1 year, 8 months ago)
Lords ChamberI thank the noble Lord for his Question. I am not privy to the content and detail of the article to which he refers, and even if I were, I would be reluctant to comment. As the noble Lord is aware, an internal United States investigation is now taking place and the broader issue is now the subject of investigation by the United States criminal justice system and is sub judice, therefore I am unable to comment further on that. On data breaches, our MoD takes information and data-handling responsibilities very seriously. Following previous investigations, we have introduced measures to prevent breaches recurring—that is a targeted campaign of re-education and retraining. It might be helpful to the noble Lord to know that, for example, when I log on to my MoD desktop I am now immediately presented with an automatic message about keeping equipment safe, and we are now unable to send an email on MoD equipment without being prompted to add a sensitivity label. I must say that that makes me think very carefully about what I am sending and to whom I am sending it.
My Lords, I welcome the comments that the Minister made regarding some of the improvements. However, given the seriousness of the security breaches which have occurred within our MoD, what further improvements can she highlight today that have been made to combat this happening again?
I think the most uncomfortable security breach for the MoD was in 2021, when papers were left at a bus stop. Following that event, the Secretary of State sent a metaphorical dose of syrup of figs through the department. That involved re-education and retraining, with an online security test to be sat, in which Ministers had to participate—I shall not share the results with the Chamber but it was a very pertinent wake-up call—and random bag searches were introduced in the main building for people accessing and leaving the department. I would also say to my noble friend that a risk assessment/risk evaluation exercise, introduced before the security leak in the United States of America, is currently ongoing, and that will be an important contributor to how we can improve further.