Oral Answers to Questions
Oliver Dowden Excerpts(1 month, 1 week ago)
Commons ChamberRead Full debate Read Hansard Text Watch Debate Read Debate Ministerial Extracts
Sir Oliver Dowden (Hertsmere) (Con)
I begin by welcoming the Chancellor of the Duchy of Lancaster to his position. I know that he will be supported by a brilliant team of civil servants who are truly dedicated to public service. As we saw in module 1 of the covid inquiry report last week, biological threats pose potentially catastrophic risks to our nation, and those risks will be exacerbated by long-term trends such as climate change. To help to prepare us, I published the UK biological security strategy. Will he take the opportunity to recommit to its objectives and to provide an annual update to the House on its implementation?
Pat McFadden
I welcome the right hon. Member to his position. I mean that genuinely: it is not easy to step up and serve in opposition after an election defeat, so I welcome what he and his colleagues are doing. I echo his praise for the civil service and the Cabinet Office team, who have supported me and my colleagues in the best way in the past few weeks. On the UK biological security strategy, my answer is simple and short: yes.
Sir Oliver Dowden
I welcome that answer and I thank the right hon. Gentleman for his kind words. An effective strategy must be underpinned by dedicated resources, which is why one of my final acts in the Cabinet Office was to announce that we would ringfence biological security spending across Government. Will he uphold that commitment, so that important resilience spending does not fall victim to day-to-day spending pressures?
Pat McFadden
If the right hon. Member set aside spending for his commitments, he did something pretty rare for the last Government. When we look under the bonnet, we find that that was not often the case. We will have more to say about that in the coming days.
CrowdStrike: IT Outage
Oliver Dowden Excerpts(1 month, 1 week ago)
Commons ChamberRead Full debate Read Hansard Text Watch Debate Read Debate Ministerial Extracts
Sir Oliver Dowden (Hertsmere) (Con)
May I begin by welcoming the hon. Lady to her role and thanking her for advance sight of the statement? In that role I know she will be supported by a dedicated team of civil servants, who represent the very best of public service. I have no doubt that they will serve her as well as they did me.
The hon. Lady will be aware of the enormous challenges facing this Government and those around the world in relation to cyber-security. As I warned when I was the responsible Minister, threats to public services and critical national infrastructure come from a range of challenges, from hostile state actors to human error and design flaws. Last week we saw those challenges vividly brought to life. Following the corrupted antivirus update by CrowdStrike on Friday, 8.5 million Microsoft devices globally were rendered unusable. That left airports disrupted, patient records temporarily lost and GPs unable to access important patient data, creating significant backlogs. That is more than an inconvenience.
I pay tribute to all those working in our public services for the efforts they undertook over the weekend to restore those services, and to the work of dedicated cyber specialists across Government, including in the National Cyber Security Centre. In government we undertook a wide range of measures to enhance the nation’s cyber-security: creating the National Cyber Security Centre, introducing secure by design, setting cyber-resilience targets, launching GovAssure and transforming the oversight of governmental cyber-security.
I note, as the hon. Lady said, that the Government intend to build on that progress by bringing forward a cyber-security and resilience Bill. Will she therefore outline the timetable for the Bill, and will the Government consider mandatory cyber-security targets for the UK public sector? Are the Government considering obligations to ensure that infrastructure is designed to be resilient against common cause problems, such as this one? What steps are being taken to enhance cyber-security in the devolved Administrations and in parts of the public sector such as the NHS, which are operationally independent?
Specifically in relation to this incident, what assessment has been made of the prevalence of CrowdStrike within critical national infrastructure? What further reassurance can the Government give in relation to the timetable for full recovery of key systems and data? In particular, can the Minister assure employees that this month’s payroll will not be adversely affected?
Britain’s cyber industry is world leading. Cyber-security now employs more than 60,000 people and brings in nearly £12 billion-worth of revenue annually. This transformation was in part due to our £5.3 billion investment, which launched the country’s first national cyber-security strategy. I therefore urge the Government—I see the Chancellor in her place—to continue such investment.
Incidents such as that of CrowdStrike should not deter us from the path of progress. We must embrace digitalisation and the huge improvements to public services that it offers. The adoption of artificial intelligence across Government is the closest thing we have to a silver bullet for public sector productivity. However, if we are to command public confidence, people must be assured that technology is safe, secure and reliable. Such incidents demonstrate how reliant the Government and public services are on large technology companies, and how much responsibility they have for the services that have become critical to people’s lives and livelihoods. That is why, in government, I called for us to work more closely with leading technology firms to address these shared challenges. The best solution is partnership. To that end, what further engagement will the Minister undertake with Microsoft, CrowdStrike and the wider sector to ensure that there is no such recurrence?
The task for us all is to build on existing progress that has transformed Britian’s cyber defences, and to enhance protections for British families, businesses and the very heart of Government. In that mission, the Government can rely on the support of the Opposition.
Ellie Reeves
I thank the shadow Minister for his contribution and his questions. In particular, I echo the thanks to all those in Departments across the civil service who were involved in dealing with the outage last Friday and in mitigating its effects. I set out in my statement that our cyber-security and resilience Bill, which was included in the King’s Speech, will strengthen our defences and ensure that more digital services are protected. That is a priority for this Government. The Bill will look at expanding the remit of regulation, putting regulators on a stronger footing and increasing reporting requirements, so that the Government can build a better picture of cyber-threats. We will consider the implications of Friday’s incident as we develop that legislation, but rest assured that we are working across Government to ensure resilience.
As the Chancellor of the Duchy of Lancaster said in his statement on the covid inquiry module 1 report, he will lead a review assessing our national resilience to the full range of risks that the UK faces, including cyber-risks.