Question to the Cabinet Office:

To ask His Majesty's Government what measures they are taking to protect critical national infrastructure from security threats.

The UK Government works closely with Critical National Infrastructure (CNI) owners and operators through the Lead Government Department (LGD) model to build resilience against security threats.

Each LGD is responsible for routinely undertaking risk assessments for their sector, including assessing CNI risks within the internal, classified National Security Risk Assessment (NSRA). All NSRA risks are kept under review to ensure that they are the most appropriate scenarios to inform industry and government’s emergency preparedness and resilience activity, and reflect the evolving risk landscape. The external-facing National Risk Register, which mirrors the NSRA, was last updated in January 2025 and will be updated regularly to address changes to the risk landscape.

Alongside the LGD’s active engagement with industry, the National Technical Authorities (National Cyber Security Centre and National Protective Security Authority) also provide advice on best practice for CNI security and resilience.