Chi Onwurah
Main Page: Chi Onwurah (Labour - Newcastle upon Tyne Central and West)Department Debates - View all Chi Onwurah's debates with the Cabinet Office
(9 years, 8 months ago)
Commons ChamberI thank the Minister for advance sight of his statement. It is now twice in two days that he has come to the House to make a statement. Tomorrow he will make it a hat-trick with his final Cabinet Office Questions. Clearly, he wants to see as much of us all as possible before he retires from this House.
I pay tribute to the Minister for his work in the past five years as the Minister for the Cabinet Office and in the many years he has served the public as a Member of this House. There are many things on which we disagree, for example how we should use digital government to empower people rather than cutting them off from services, but no one can doubt his dedication to public service. Nor can we doubt the dedication of those who work so hard to protect us, our nation, its citizens and businesses from cyber-attacks. I, too, would like to put on record my praise for the work done by the security services, the police and all civil servants who work in this area. They do a vital job day in, day out to protect our cyber-infrastructure and digital footprints, and I commend their work.
I am sure the Minister agrees with that sentiment. I hope, therefore, that the Government will clarify how those who protect us in cyberspace will continue to do so when the Chancellor is bent on reducing public sector spending to levels not seen since the 1930s, before there was even an NHS or a GCHQ. It is clear from the Office for Budget Responsibility and the Institute for Fiscal Studies that, after the Chancellor’s Budget last week, unprotected Departments face huge cuts to meet his spending plans and unfunded tax cuts. The Ministry of Defence, the police and social care services are under threat. Can the Minister confirm whether the budget for cyber-security will be protected, or are we to assume that because the Cabinet Office is an unprotected Department that this will not be the case?
I welcome the new Cyber First pilot. Indeed, I was privileged to launch the UK’s first MBA in cyber-security with Coventry university. The demand for cyber-security experts is growing at 12 times the rate of the overall job market, so it is vital that we train and equip more people with cyber-skills. Small firms are the victims of three quarters of all successful data breaches and are the most likely to suffer from a lack of cyber-skills. However, just as the Minister came late to the digital inclusion agenda and then chose a strategy that excludes 10% of our fellow citizens, he has come late to—indeed, neglected—cyber-security for small businesses. According to the Institution of Engineering and Technology, half of all small and medium-sized enterprises have not even heard of the Government’s cyber-security efforts. What is the Minister doing to change that and to make small businesses more cyber-aware?
Crime is changing. It increasingly happens online, but the Government do not have a strategy to tackle it. The cyber-security budget is overwhelmingly going to cyber-security and big businesses, leaving consumers to fend for themselves. The majority of the cyber-security budget goes into the single intelligence account, with the police left a tiny amount to tackle a growing tide of online crime with an overall £2 billion cut in funding. The Home Affairs Committee highlighted the black hole where low-level e-crime is committed with impunity. What is the Minister doing to ensure that the police have the resources they need in this area?
I welcome the announcement of a new contractual framework for Gov.uk Verify. However, it was only in October that the Government were predicting that hundreds of thousands would be verified by now. In fact, only 50% of people are successful the first time they use the service. The Minister says that details will be announced “shortly”. Given that there are only a few days left before Parliament is dissolved, will he tell us exactly when he plans to announce the details? Specifically, will it include a public sector provider of identity assurance, so that people can choose a provider they trust?
Finally, the statement makes no mention whatever of mobile. It has taken the Government five years not to eradicate not spots, and they have ignored the gaping hole in cyber-security which is mobile device security, particularly in the era of “bring your own” device. What is the Minister doing specifically on mobile?
I could not help but notice that the statement was somewhat light on actual policy announcements. A cynic might think that the Minister was rushing out a half-baked announcement to use up time. It is almost as if the Government are scrambling around for something to say to give the impression that they have made real progress in rising to what is one of the greatest challenges of the digital era and one of the greatest opportunities for UK business. The UK can lead in cyber-security as we do in online commerce, but it will take skills for the many—small businesses and citizens, as well as big businesses—not the few. It will take a Labour Government to ensure we have that.
I am extremely grateful to the hon. Lady for her very warm words at the beginning of her response, which I enormously appreciate. Parting is indeed such sweet sorrow, but there is life beyond.
I am afraid it tailed off a little bit after that. The hon. Lady talked about cuts and the potential for continued funding for cyber-security in the next Parliament. She made the slightly odd suggestion that the trajectory of public spending would be at a level last seen in the 1930s. A little further research shows that the last time this level of spending was seen was in 1999-2000 under a Labour Government.
So far as funding for cyber-security is concerned, that will be dealt with in the context of the spending review that will take place after the election, but I do not know anybody who believes there is any possibility that there will not continue to be very significant funding for cyber-security. We are acknowledged across the world as being in the lead in this area. There is always a danger when one says that of being thought to be complacent. We are not remotely complacent. This is a very fast-moving set of threats and we have to move equally fast to keep up with it. We need to be on the case all the time.
The hon. Lady talked about the resources being devoted to tackling cybercrime. The Under-Secretary of State for the Home Department, my hon. Friend the Member for Staffordshire Moorlands (Karen Bradley) who has responsibility for tackling cybercrime is in her place on the Front Bench. She takes this matter immensely seriously. The national cyber crime unit is based in the National Crime Agency. A good proportion of the cyber-security programme is funding for the law enforcement agencies, which do fantastic work. I obviously echo her enthusiastic support for those who work to protect and preserve our national security, and I include in that those in our armed forces active in this field.
The hon. Lady talked about digital inclusion, which she knows the Government take extremely seriously. We support the huge amount of work being done by businesses, particularly Barclays and other companies, on digital activity to enable people currently excluded to be active online, and that will continue to be the case. She also asked about mobile security on mobile devices, which is obviously a serious matter. So far as the Government are concerned, CESG, part of GCHQ, provides good guidance and is reckoned to be world leading on smart devices.
So far as citizens and consumers are concerned, she will be aware of our Cyber Streetwise campaign and Get Safe Online, which are about making sure people know the risks. GCHQ estimates that 80% of successful cyber-attacks could be thwarted or mitigated by basic internet hygiene, and for that awareness is important. I am less concerned about whether SMEs are aware of what the Government are doing; I am more concerned that they are aware of what they need to do, which is to take basic steps on internet hygiene.
There is much more to do, and there will never be any scope for a Government or businesses to rest on their laurels. I found the hon. Lady’s objection that my statement was light on policy slightly startling. Quite rightly, the Government have elevated cyber-security to one of the four tier 1 national security threats, so we take it enormously seriously. At a time when we had to cut public spending, because of the appalling public deficit inherited from the last Government, this was one of the very few areas that we decided was sufficiently important to invest further money in, and we will continue to do that.