Question to the Cabinet Office:

To ask Her Majesty's Government what assessment they have made of the impact on their cyber security of the use of third-party digital services and software.

Her Majesty's Government is acutely aware of the cyber security risks associated with the use of third-party digital services and software. The contracting authority for the procurement of any such product or service is responsible for assessing and managing that risk.

The reported compromise is a complex, global cyber incident, and the Government is working with international partners to understand its scale and assess any UK impact. As the investigation into this incident is ongoing I cannot comment on any operational details.

The National Cyber Security Centre has published guidance on their website.