Question to the Department for Science, Innovation & Technology:

To ask the Secretary of State for Science, Innovation and Technology, pursuant to the Answer of 25 November 2025 to Question 92210 on Internet: Outages, what assessment she has made of the potential impact of the Cyber Security and Resilience (Network and Information Systems) Bill on disruption to government services during the Cloudflare outage.

The Department for Science, Innovation and Technology (DSIT) recognises the importance of robust protections for the services essential to our society and economy. That is why we introduced the Cyber Security and Resilience Bill (CSRB) on 12 November - by enhancing protections for the most important digital services, Government services that rely on them will also benefit.

As the digital centre of government, DSIT also recognises that a step change in cyber and digital resilience is required across the government sector. However, we do not need to wait for legislation to take action.

We are acting in parallel with the approach of the CSRB through our mandate to set robust cyber security standards across government organisations. Government services have been subject to the National Cyber Security Centre’s Cyber Assessment Framework since 2022, which promotes resilience against both cyber attacks and the types of system failure that we saw with the Cloudflare outage.

Despite this progress, we are not complacent. DSIT will publish the Government Cyber Action Plan, which will lay out a detailed programme of work with clear expectations, targets, and milestones to enhance Government's cyber and digital resilience.