Public Bodies: Cybersecurity

(asked on 4th September 2023) - View Source

Question to the Cabinet Office:

To ask His Majesty's Government, following the data breach at the Electoral Commission, what plans they have to review the effectiveness of cyber defences of the Government's own technology platforms and those of other public bodies.


Answered by
Baroness Neville-Rolfe Portrait
Baroness Neville-Rolfe
Shadow Minister (Treasury)
This question was answered on 18th September 2023

The Government Cyber Security Strategy published last year sets out our plans to significantly harden the Government’s critical functions against cyber attack by 2025, with all organisations across the public sector being resilient to known vulnerabilities by 2030.

We have already made significant progress against the strategy. Earlier this year the Government launched GovAssure, the new cyber security assurance process for government organisations. Under GovAssure, government organisations will regularly review the effectiveness of their cyber defences against common cyber vulnerabilities and attack methods. GovAssure will enable government organisations to accurately assess their levels of cyber resilience across their critical services, highlight priority areas for improvement and provide the Government with a strategic view of cyber capability, risk and resilience across the sector.

The Electoral Commission is independent of Government and is accountable to Parliament through the Speaker’s Committee on the Electoral Commission. However, we have supported the Commission via the National Cyber Security Centre, who have provided the Commission with expert advice and support to aid their recovery after the cyber incident was first identified.

Reticulating Splines