Question to the Department for Transport:

To ask the Secretary of State for Transport, what percentage of his Department are qualified to assess if a rail company is meeting the cyber security regulations.

The Department for Transport has a small team which delivers our functions as a Competent Authority under the NIS Regulations, including Cyber Compliance Inspectors who can review an organisation’s cyber security self-assessment and assess compliance with cyber security regulations. While the total number of qualified staff equates to less than one percent of the total staff in the Department and its agencies, this reflects the very large range of activities and diversity of responsibilities across DfT. Our team can leverage external technical advice, for example, from the National Cyber Security Centre, as well as a wide range of national security, resilience and transport sector expertise across the Department.