Thomas Docherty
Main Page: Thomas Docherty (Labour - Dunfermline and West Fife)Department Debates - View all Thomas Docherty's debates with the Ministry of Defence
(10 years, 8 months ago)
Commons ChamberMy hon. Friend makes a good point, but it rebounds slightly on the Defence Committee because we have been told that we are responsible for applying for such debates and, I have to confess, we have not done so in recent months, so perhaps we ought to revisit that.
The Defence Committee launched an inquiry into defence and cyber-security in January 2012, as part of a series of debates and inquiries looking into emerging threats. It was the first time the Committee had investigated cyber-security as a discrete topic, although in 2009 we had looked at Georgia and Estonia, and visited Talinn, as part of another inquiry. The UK Government had identified cyber-threats as one of four tier 1 risks to national security, and in November 2013 published a UK cyber-security strategy, updating their 2009 strategy and setting out four objectives: first, to make the UK one of the most secure places in the world to do business in cyberspace; secondly, to make the UK more resilient to cyber-attack and better able to protect our interests in cyberspace; thirdly, to help to shape an open, vibrant and stable cyberspace that supports open societies; and fourthly, to build the UK’s cyber-security knowledge, skills and capability.
The programme is to be implemented via a four-year national cyber-security programme costing £650 million, and the Chancellor of the Exchequer announced an extra £210 million investment after the 2013 spending review. The funding is shared between the security and intelligence agencies, the Ministry of Defence, the Home Office, the Department for Business, Innovation and Skills, the Cabinet Office and the Foreign and Commonwealth Office, but most will be spent by the security and intelligence agencies.
During our inquiry, the Committee investigated whether the high profile given to the cyber-threat in the UK was matched by a coherent plan and a chain of command in the event of a major cyber-attack on our national infrastructure or our national interests. The complexity of the threat must be matched by an agile, many-layered response; accordingly, many different agencies are involved in the cyber-security effort, ranging across cybercrime, cyber-espionage and cyber-commerce. Cyber-security is therefore to some extent everybody’s responsibility, but we must avoid its ending up being nobody’s responsibility as a consequence. Someone has to be in charge.
It is good to see so many colleagues here to take part in the debate. If we contrast the approach taken in the United States, where there is a unified structure under CYBERCOM, with the disparate approach taken in the United Kingdom, does the right hon. Gentleman share my concern that we seem to have a number of lessons still to learn?
Well, there are pluses and minuses to having a unified structure, and there are risks in having a siloed approach. I said this is the responsibility of everyone, and so it is. I shall explain how wide that responsibility extends.
My hon. Friend has raised this issue with me before. He asks a specific question about two specific squadrons. I believe that what he asks is the case, but I will write to him to confirm it. The House knows that he is the world’s greatest living expert on this matter, and I do not want to be the man to give him a wrong steer.
The cyber reserve offers individuals the opportunity to be part of the proud history and ethos of our reserves while working in a cutting-edge, technological field. The hon. Member for Bridgend asked about the effect on reservists if they travel to other countries. I will look into the good point she raised, and will return to her on that.
Cyber crosses national boundaries, a point that my hon. Friend the Member for Beckenham (Bob Stewart) made clearly, and so too must our view of this new domain. It is, therefore, essential that we work with our allies to ensure that we are not only able to operate with one another, but are aware of common threats. We are already working closely on cyber with our long-standing international partners, particularly through a defence cyber-contact group that includes the US, Australia, Canada, New Zealand and ourselves—the traditional “Five Eyes” partners.
Before the Minister moves away from personnel, what lessons are being learned about recruiting regulars and reservists from the IT world? He seemed to skip over that.