To match an exact phrase, use quotation marks around the search term. eg. "Parliamentary Estate". Use "OR" or "AND" as link words to form more complex queries.


Keep yourself up-to-date with the latest developments by exploring our subscription options to receive notifications direct to your inbox

Written Question
Infrastructure: Cybersecurity
Monday 18th March 2024

Asked by: Lord Harris of Haringey (Labour - Life peer)

Question to the Cabinet Office:

To ask His Majesty's Government, following the data breach experienced by Southern Water as a result of a cyber-attack, what assessment they have made of the adequacy of existing cyber security regulations for UK critical infrastructure.

Answered by Baroness Neville-Rolfe - Minister of State (Cabinet Office)

The National Cyber Strategy 2022 set outcomes for critical national infrastructure (CNI) (in the private and public sector) to better understand & manage cyber risk and minimise the impact of cyber incidents when they occur. In addition, at CyberUK 2023, the Deputy Prime Minister announced specific and ambitious cyber resilience targets for all CNI sectors (public and private sector) to meet by 2025.

Over the past year, the Cabinet Office has been progressing foundational work to support the creation of common but flexible resilience standards across CNI and do more on the assurance of CNI, including cyber assurance preparedness, by 2030. This includes work to evaluate the impact and effectiveness of all regulation that applies to CNI, including (but not limited to) NIS regulations, and to bring more private sector businesses working in CNI within the scope of cyber resilience regulations.

The Government is also committed to ensuring cyber security in the public sector, which is why GovAssure was launched in April 2023. Under GovAssure, government organisations regularly review the effectiveness of their cyber defences against common cyber vulnerabilities and attack methods. We are currently evaluating the first year’s assessments. GovAssure will enable government organisations to accurately assess their levels of cyber resilience across their critical services, highlight priority areas for improvement and provide the Government with a strategic view of cyber capability, risk and resilience across the sector.


Written Question
Ministers: Aviation
Wednesday 31st May 2023

Asked by: Lord Harris of Haringey (Labour - Life peer)

Question to the Cabinet Office:

To ask His Majesty's Government which Ministers, including those at Cabinet level, have used private aircraft on official business during the past 12 months; and, for each journey, what were (1) the destinations travelled to and from, (2) the dates, and (3) the cost of travel.

Answered by Baroness Neville-Rolfe - Minister of State (Cabinet Office)

The Government publishes details of all Ministers' overseas travel on a quarterly basis.

The other information requested is not centrally held and could only be provided at disproportionate cost.

It has also been the practice of successive administrations not to publish granular information relating to the official movements of protected individuals and those accompanying them within the United Kingdom.


Written Question
Ministers: Aviation
Wednesday 31st May 2023

Asked by: Lord Harris of Haringey (Labour - Life peer)

Question to the Cabinet Office:

To ask His Majesty's Government which Ministers, including those at Cabinet level, have used military aircraft during the past 12 months; and, for each journey, what were (1) the destinations travelled to and from, (2) the dates, and (3) the cost of travel.

Answered by Baroness Neville-Rolfe - Minister of State (Cabinet Office)

The Government publishes details of all Ministers' overseas travel on a quarterly basis.

The other information requested is not centrally held and could only be provided at disproportionate cost.

It has also been the practice of successive administrations not to publish granular information relating to the official movements of protected individuals and those accompanying them within the United Kingdom.


Written Question
Emergencies: Mobile Phones
Thursday 25th May 2023

Asked by: Lord Harris of Haringey (Labour - Life peer)

Question to the Cabinet Office:

To ask His Majesty's Government what has been the total cost to date of developing, maintaining and testing the UK's emergency alert system; and what plans they have for further tests.

Answered by Baroness Neville-Rolfe - Minister of State (Cabinet Office)

The total cost to date of developing the technical architecture and systems which underpin the emergency alert programme, in addition to the first three years of operational delivery, will be a maximum of £25.3 million.

The contracts which are publicly available on contracts finder include:

  1. The Government Digital Service have a contract with Fujitsu for £1.6 million per year for a three year period, a potential total of £5 million assuming that the contract runs to completion;

  2. The Department for Culture, Media and Sport (as was) issued contracts totalling £18.6 million to mobile network operators, as well as further spending on security testing and legal work.

The remaining costs were spent on security testing and legal fees. The specific figures are commercially sensitive and can therefore not be released to the public.

There are no current plans for a further UK-wide, or public, test of the system, though it is likely that there will be further public tests in the coming years to ensure the system is operational to help keep the British people safe.


Written Question
Cybersecurity
Thursday 13th April 2023

Asked by: Lord Harris of Haringey (Labour - Life peer)

Question to the Cabinet Office:

To ask His Majesty's Government what plans they have to provide an update on the implementation of the Cyber Security Strategy.

Answered by Baroness Neville-Rolfe - Minister of State (Cabinet Office)

The National Cyber Strategy 2022 sets out how we will ensure that the UK continues to be a leading, responsible and democratic cyber power, able to protect and promote our interests in the rapidly evolving online world. We plan to publish the first of our annual progress reports this summer.


Written Question
Government Departments: Cybersecurity
Thursday 13th April 2023

Asked by: Lord Harris of Haringey (Labour - Life peer)

Question to the Cabinet Office:

To ask His Majesty's Government what assessment they have made of the progress in the adoption of the Cyber Assessment Framework across all government bodies.

Answered by Baroness Neville-Rolfe - Minister of State (Cabinet Office)

The Government Cyber Security Strategy, published in January 2022, sets out how we will build and maintain our cyber defences; by building greater cyber resilience across all government organisations, and working together to ‘defend as one’ - exerting a defensive force greater than the sum of our parts.

The strategy sets a clear target for government’s most critical functions to be appropriately resilient by 2025, with all government organisations being resilient to known vulnerabilities and common attack methods by 2030.

The strategy will see us roll out GovAssure in April as the foundation of a new, more robust independent assurance regime for the whole of government. With its foundations in the National Cyber Security Centre’s Cyber Assessment Framework, it will help us to understand our risk at scale and put us on the pathway to reducing it, as well as aligning Government with the best practice in management of wider UK Critical National Infrastructure sectors. Results of these reviews will not be published publicly for reasons of security. The progress on adopting the Cyber Assessment Framework across HMG is that pilots have been conducted with 3 government departments, and the wider scheme will launch in April.


Written Question
Government Departments: Cybersecurity
Thursday 13th April 2023

Asked by: Lord Harris of Haringey (Labour - Life peer)

Question to the Cabinet Office:

To ask His Majesty's Government what plans they have to publish the cyber audits of all government departments.

Answered by Baroness Neville-Rolfe - Minister of State (Cabinet Office)

The Government Cyber Security Strategy, published in January 2022, sets out how we will build and maintain our cyber defences; by building greater cyber resilience across all government organisations, and working together to ‘defend as one’ - exerting a defensive force greater than the sum of our parts.

The strategy sets a clear target for government’s most critical functions to be appropriately resilient by 2025, with all government organisations being resilient to known vulnerabilities and common attack methods by 2030.

The strategy will see us roll out GovAssure in April as the foundation of a new, more robust independent assurance regime for the whole of government. With its foundations in the National Cyber Security Centre’s Cyber Assessment Framework, it will help us to understand our risk at scale and put us on the pathway to reducing it, as well as aligning Government with the best practice in management of wider UK Critical National Infrastructure sectors. Results of these reviews will not be published publicly for reasons of security. The progress on adopting the Cyber Assessment Framework across HMG is that pilots have been conducted with 3 government departments, and the wider scheme will launch in April.


Written Question
Mobile Phones: Emergencies
Tuesday 1st June 2021

Asked by: Lord Harris of Haringey (Labour - Life peer)

Question to the Cabinet Office:

To ask Her Majesty's Government, further to the answer by Lord True on 21 April (HL Deb, col 1833), what assessment they have made of the effectiveness of the trial of a cell broadcast emergency alert system in Reading in March.

Answered by Lord True - Leader of the House of Lords and Lord Privy Seal

The trial in the Thames Valley area on 9 March 2021 successfully tested Cell Broadcast technology on mobile networks using phones pre-prepared to receive alerts. Having proven the technology to be effective, the Government conducted a live public trial of the Emergency Alert system in East Suffolk on 25 May and plans to conduct another public trial in Reading City Centre on 15 June. Should these prove successful, the Government plans to send out a National Welcome Message across the UK later this year.


Written Question
Schools: Coronavirus
Wednesday 8th April 2020

Asked by: Lord Harris of Haringey (Labour - Life peer)

Question to the Cabinet Office:

To ask Her Majesty's Government what consideration they have given to including (1) building maintenance engineers, (2) personnel supporting the critical lifeline utilities, and (3) non-police security staff, in the list of essential staff whose children can continue to be admitted to schools during the COVID-19 pandemic.

Answered by Lord True - Leader of the House of Lords and Lord Privy Seal

The position remains, as outlined on gov.uk, that everyone who can work from home should do so.

Where that is not possible, people should go into work where it is safe and they are not symptomatic, isolating or shielding. Relevant guidance including from PHE should be followed.

In terms of the provision of education for certain workers, it is already the case that in certain cases the staff listed above could be eligible as long as "their specific role is necessary for the continuation of this essential public service". This is set out on gov.uk.

The Government has placed restrictions on the operations of certain businesses as part of the strategy of enhanced social distancing. Separate guidance has been published on this and is also available on gov.uk.


Written Question
Government Departments: Cybercrime
Monday 23rd March 2020

Asked by: Lord Harris of Haringey (Labour - Life peer)

Question to the Cabinet Office:

To ask Her Majesty's Government when they intend to review the minimum cyber security standards for Government departments.

Answered by Lord True - Leader of the House of Lords and Lord Privy Seal

The Minimum Cyber Security Standard for Government was introduced in 2018, drawing on the expert technical advice of the National Cyber Security Centre (NCSC).

The Government Security Group is working with departments, including NCSC and Government Digital Service, to understand what changes, if any, need to be made to the Minimum Cyber Security Standard. This review is already underway and is intended to be an annual activity with updated standards published on GOV.UK accordingly. Over time, the measures will be incremented to continually ‘raise the bar’ to keep pace with a changing threat and ensure appropriate management of risk.