To match an exact phrase, use quotation marks around the search term. eg. "Parliamentary Estate". Use "OR" or "AND" as link words to form more complex queries.


Keep yourself up-to-date with the latest developments by exploring our subscription options to receive notifications direct to your inbox

Written Question
Infrastructure: Cybersecurity
Monday 18th March 2024

Asked by: Lord Harris of Haringey (Labour - Life peer)

Question to the Cabinet Office:

To ask His Majesty's Government, following the data breach experienced by Southern Water as a result of a cyber-attack, what assessment they have made of the adequacy of existing cyber security regulations for UK critical infrastructure.

Answered by Baroness Neville-Rolfe - Minister of State (Cabinet Office)

The National Cyber Strategy 2022 set outcomes for critical national infrastructure (CNI) (in the private and public sector) to better understand & manage cyber risk and minimise the impact of cyber incidents when they occur. In addition, at CyberUK 2023, the Deputy Prime Minister announced specific and ambitious cyber resilience targets for all CNI sectors (public and private sector) to meet by 2025.

Over the past year, the Cabinet Office has been progressing foundational work to support the creation of common but flexible resilience standards across CNI and do more on the assurance of CNI, including cyber assurance preparedness, by 2030. This includes work to evaluate the impact and effectiveness of all regulation that applies to CNI, including (but not limited to) NIS regulations, and to bring more private sector businesses working in CNI within the scope of cyber resilience regulations.

The Government is also committed to ensuring cyber security in the public sector, which is why GovAssure was launched in April 2023. Under GovAssure, government organisations regularly review the effectiveness of their cyber defences against common cyber vulnerabilities and attack methods. We are currently evaluating the first year’s assessments. GovAssure will enable government organisations to accurately assess their levels of cyber resilience across their critical services, highlight priority areas for improvement and provide the Government with a strategic view of cyber capability, risk and resilience across the sector.


Written Question
Cybersecurity
Monday 18th March 2024

Asked by: Lord Harris of Haringey (Labour - Life peer)

Question to the Department for Science, Innovation & Technology:

To ask His Majesty's Government what plans they have to publish draft legislation incorporating proposed reforms to the Network and Information Systems Regulations 2018.

Answered by Viscount Camrose - Parliamentary Under Secretary of State (Department for Science, Innovation and Technology)

The government remains committed to updating the Network and Information Systems Regulations 2018 (“NIS Regulations”) as soon as parliamentary time allows.

Whilst we wait for parliamentary time, the government is developing improvements which can be delivered without legislative changes, including:

  • Updating guidance to NIS competent authorities.
  • Developing potential further measures to strengthen the proposed package of reforms.
  • Identifying ways to strengthen the capabilities of NIS competent authorities.
  • Engaging with managed services providers in the UK to assist their future transition to the NIS Regulations.

These actions build on the government’s existing plans, as set out in the £2.6 billion National Cyber Strategy, to improve cyber resilience across the economy.


Written Question
Cybersecurity: Training
Monday 18th March 2024

Asked by: Lord Harris of Haringey (Labour - Life peer)

Question to the Department for Science, Innovation & Technology:

To ask His Majesty's Government what steps they are taking to help businesses provide advanced cyber skills training to staff.

Answered by Viscount Camrose - Parliamentary Under Secretary of State (Department for Science, Innovation and Technology)

The National Cyber Strategy sets out the importance of reducing cyber risks to businesses. To do this, the Government is supporting the UK Cyber Security Council to define the skills and knowledge needed for cyber roles. The Government is also funding numerous targeted training initiatives such as Cyber Ready and Upskill in Cyber to upskill and retrain those in the workforce, as well as the government-funded Skills Bootcamp opportunities highlighted through our recent Advanced Digital Skills campaign. This is alongside our Cyber Essentials scheme which supports businesses to implement essential technical controls on cyber security.


Written Question
Ministers: Aviation
Wednesday 31st May 2023

Asked by: Lord Harris of Haringey (Labour - Life peer)

Question to the Cabinet Office:

To ask His Majesty's Government which Ministers, including those at Cabinet level, have used private aircraft on official business during the past 12 months; and, for each journey, what were (1) the destinations travelled to and from, (2) the dates, and (3) the cost of travel.

Answered by Baroness Neville-Rolfe - Minister of State (Cabinet Office)

The Government publishes details of all Ministers' overseas travel on a quarterly basis.

The other information requested is not centrally held and could only be provided at disproportionate cost.

It has also been the practice of successive administrations not to publish granular information relating to the official movements of protected individuals and those accompanying them within the United Kingdom.


Written Question
Ministers: Aviation
Wednesday 31st May 2023

Asked by: Lord Harris of Haringey (Labour - Life peer)

Question to the Cabinet Office:

To ask His Majesty's Government which Ministers, including those at Cabinet level, have used military aircraft during the past 12 months; and, for each journey, what were (1) the destinations travelled to and from, (2) the dates, and (3) the cost of travel.

Answered by Baroness Neville-Rolfe - Minister of State (Cabinet Office)

The Government publishes details of all Ministers' overseas travel on a quarterly basis.

The other information requested is not centrally held and could only be provided at disproportionate cost.

It has also been the practice of successive administrations not to publish granular information relating to the official movements of protected individuals and those accompanying them within the United Kingdom.


Written Question
Emergencies: Mobile Phones
Thursday 25th May 2023

Asked by: Lord Harris of Haringey (Labour - Life peer)

Question to the Cabinet Office:

To ask His Majesty's Government what has been the total cost to date of developing, maintaining and testing the UK's emergency alert system; and what plans they have for further tests.

Answered by Baroness Neville-Rolfe - Minister of State (Cabinet Office)

The total cost to date of developing the technical architecture and systems which underpin the emergency alert programme, in addition to the first three years of operational delivery, will be a maximum of £25.3 million.

The contracts which are publicly available on contracts finder include:

  1. The Government Digital Service have a contract with Fujitsu for £1.6 million per year for a three year period, a potential total of £5 million assuming that the contract runs to completion;

  2. The Department for Culture, Media and Sport (as was) issued contracts totalling £18.6 million to mobile network operators, as well as further spending on security testing and legal work.

The remaining costs were spent on security testing and legal fees. The specific figures are commercially sensitive and can therefore not be released to the public.

There are no current plans for a further UK-wide, or public, test of the system, though it is likely that there will be further public tests in the coming years to ensure the system is operational to help keep the British people safe.


Written Question
Audit: Reform
Tuesday 9th May 2023

Asked by: Lord Harris of Haringey (Labour - Life peer)

Question to the Department for Business and Trade:

To ask His Majesty's Government when they intend to publish the draft Audit Reform Bill.

Answered by Earl of Minto - Minister of State (Ministry of Defence)

The Government has not set a date for publication of a draft Audit Reform Bill. The Government is committed to legislating when Parliamentary time allows.


Written Question
Cybersecurity
Thursday 13th April 2023

Asked by: Lord Harris of Haringey (Labour - Life peer)

Question to the Cabinet Office:

To ask His Majesty's Government what plans they have to provide an update on the implementation of the Cyber Security Strategy.

Answered by Baroness Neville-Rolfe - Minister of State (Cabinet Office)

The National Cyber Strategy 2022 sets out how we will ensure that the UK continues to be a leading, responsible and democratic cyber power, able to protect and promote our interests in the rapidly evolving online world. We plan to publish the first of our annual progress reports this summer.


Written Question
Government Departments: Cybersecurity
Thursday 13th April 2023

Asked by: Lord Harris of Haringey (Labour - Life peer)

Question to the Cabinet Office:

To ask His Majesty's Government what assessment they have made of the progress in the adoption of the Cyber Assessment Framework across all government bodies.

Answered by Baroness Neville-Rolfe - Minister of State (Cabinet Office)

The Government Cyber Security Strategy, published in January 2022, sets out how we will build and maintain our cyber defences; by building greater cyber resilience across all government organisations, and working together to ‘defend as one’ - exerting a defensive force greater than the sum of our parts.

The strategy sets a clear target for government’s most critical functions to be appropriately resilient by 2025, with all government organisations being resilient to known vulnerabilities and common attack methods by 2030.

The strategy will see us roll out GovAssure in April as the foundation of a new, more robust independent assurance regime for the whole of government. With its foundations in the National Cyber Security Centre’s Cyber Assessment Framework, it will help us to understand our risk at scale and put us on the pathway to reducing it, as well as aligning Government with the best practice in management of wider UK Critical National Infrastructure sectors. Results of these reviews will not be published publicly for reasons of security. The progress on adopting the Cyber Assessment Framework across HMG is that pilots have been conducted with 3 government departments, and the wider scheme will launch in April.


Written Question
Government Departments: Cybersecurity
Thursday 13th April 2023

Asked by: Lord Harris of Haringey (Labour - Life peer)

Question to the Cabinet Office:

To ask His Majesty's Government what plans they have to publish the cyber audits of all government departments.

Answered by Baroness Neville-Rolfe - Minister of State (Cabinet Office)

The Government Cyber Security Strategy, published in January 2022, sets out how we will build and maintain our cyber defences; by building greater cyber resilience across all government organisations, and working together to ‘defend as one’ - exerting a defensive force greater than the sum of our parts.

The strategy sets a clear target for government’s most critical functions to be appropriately resilient by 2025, with all government organisations being resilient to known vulnerabilities and common attack methods by 2030.

The strategy will see us roll out GovAssure in April as the foundation of a new, more robust independent assurance regime for the whole of government. With its foundations in the National Cyber Security Centre’s Cyber Assessment Framework, it will help us to understand our risk at scale and put us on the pathway to reducing it, as well as aligning Government with the best practice in management of wider UK Critical National Infrastructure sectors. Results of these reviews will not be published publicly for reasons of security. The progress on adopting the Cyber Assessment Framework across HMG is that pilots have been conducted with 3 government departments, and the wider scheme will launch in April.