Written Evidence Dec. 13 2023
Inquiry: Cyber resilience of the UK's critical national infrastructureFound: CYB0021 - Cyber resilience of the UK's critical national infrastructure Surrey Centre for Cyber Security
Mentions:
1: Baroness McIntosh of Pickering (CON - Life peer) in monitoring and preventing cyber attacks. - Speech Link
2: Lord Ahmad of Wimbledon (CON - Life peer) There are the 10 Steps to Cyber Security and the Small Business Guide; there is also a ransomware portal - Speech Link
3: Lord Purvis of Tweed (LDEM - Life peer) My Lords, I have visited the centre and greatly admire the work of the whole team. - Speech Link
4: Lord Clement-Jones (LDEM - Life peer) My Lords, a few weeks ago, the National Cyber Security Centre issued a warning about the risks of “prompt - Speech Link
Oral Evidence Nov. 15 2023
Inquiry: RansomwareFound: Cabinet Office, Home Office, and National Cyber Security Centre Oral Evidence
Asked by: Bridget Phillipson (Labour - Houghton and Sunderland South)
Question to the Department for Education:
To ask the Secretary of State for Education, on how many occasions she has met the Director of the National Cyber Security Centre since 25 October 2022; and if she will make a statement.
Answered by Nick Gibb
The Department recognises that cyber security is a concern for many schools and academy trusts. The Department will continue to develop the support and tools offered to schools and academy trusts to improve their cyber security and resilience (including RPA cyber cover). The Department will also continue to streamline reporting and data capture to improve mutual understanding between the department and schools. Additionally, the National Cyber Security Centre (NCSC) provides guidance on how to avoid computer security threats. This guidance is available at: https://www.ncsc.gov.uk/collection/10-steps.
In order to continue building an evidence base, the Department is running a biennial Technology in Schools survey to capture up to date data which enables the Department to understand the current state, use and spread of technology within primary and secondary schools in England. This will allow the Department to support various strands of current policy commitments and to inform future interventions. This year’s survey includes the proportion of schools that are meeting some specific elements of the cyber security standards. Findings from the first Technology in Schools survey will be published in late 2023.
The Department is also developing a digital service to support senior leadership in schools with planning for technology. The tool will enable them to benchmark their technology against the digital standards, suggest areas of improvement and provide actionable steps and resources to implement these recommendations.
The Department regularly engages with the NCSC on the cyber security issues faced by schools.
Jun. 11 2024
Source Page: Smith, Gaven- Director General Technology, Government Communications Headquarters- ACOBA adviceFound: GCHQ confirmed the National Cyber Security Centre (NCSC), which is separate from the department, is growing
Asked by: White, Tess (Scottish Conservative and Unionist Party - North East Scotland)
Question
To ask the Scottish Government, in light of the reported cyber attack that took place on NHS Dumfries and Galloway on 15 March 2024, how it is working with (a) all NHS boards, (b) Police Scotland and (c) the National Cyber Security Centre, to ensure that NHS IT systems are not compromised further by similar attacks.
Answered by Gray, Neil - Cabinet Secretary for NHS Recovery, Health and Social Care
The Scottish Government continues to support NHS Dumfries and Galloway respond to the cyber-attack through the provision of the Scottish multi-agency cyber incident support arrangements. These arrangements bring national agencies, including the National Cyber Security Centre, law enforcement (including Police Scotland), NHS Cyber Security Centre of Excellence, NHS Boards and the Scottish Government together to support the response and recovery to the incident.
For further information I refer the member to the answer to question S6T-01869 on 19 March 2024 which is available on the Parliament's website, the search facility for which can be found at https://www.parliament.scot/chamber-and-committees/official-report/search-what-was-said-in-parliament .
Correspondence May. 24 2024
Committee: National Security Strategy (Joint Committee)Found: Letter from the Joint Committee on the National Security Strategy to the PM on Defending Democracy Correspondence
Asked by: Jim Shannon (Democratic Unionist Party - Strangford)
Question to the Department for Science, Innovation & Technology:
To ask the Secretary of State for Science, Innovation and Technology, what steps her Department is taking to support businesses secure their digital infrastructure against the provision of technological services from companies deemed a potential threat to national security.
Answered by Julia Lopez - Minister of State (Department for Science, Innovation and Technology)
The security of UK businesses and their digital infrastructure is a priority for the government and a key part of the National Cyber Strategy. The Department for Science, Innovation and Technology (DSIT) works with Ofcom, UK technical authorities (the National Cyber Security Centre & National Protective Security Authority) and industry to identify risks and secure telecoms network infrastructure.
The UK Telecommunications (Security) Act 2021 sets out one of the world’s toughest telecoms cyber security regimes and places stringent obligations on public telecoms networks providers to protect networks against security threats. The Act also created new national security powers to control the use of high-risk vendors in the UK’s telecoms network. The government encourages businesses to improve their digital infrastructure security through the Cyber Essentials scheme and the Network and Information Systems Regulations 2018.
Asked by: Lord Bishop of St Albans (Bishops - Bishops)
Question to the Department for Transport:
To ask His Majesty's Government what assessment they have made of the potential impact upon national security of Chinese-made electric vehicles; and whether they plan to further investigate any risks that may arise.
Answered by Lord Davies of Gower - Parliamentary Under-Secretary (Department for Transport)
DfT co-chairs the UN Economic Commission for Europe (UNECE) group that developed two new international regulations related to connected vehicles – one on cyber security and one on software updates. The cyber security regulation sets out requirements to mitigate potential threats in vehicle construction, to monitor emerging threats and to respond to cyber attacks.
The Government takes national security extremely seriously. The Department for Transport (DfT) works closely with the transport sector and the National Cyber Security Centre (NCSC), and other Government departments, including the Department for Business and Trade (DBT) and Department for Science Innovation and Technology (DSIT), to understand and respond to cyber vulnerabilities associated with all connected vehicles, including electric vehicles.
Asked by: Liam Byrne (Labour - Birmingham, Hodge Hill)
Question to the Department for Business and Trade:
To ask the Secretary of State for Business and Trade, what role the National Cyber Security Centre plays in facilitating export controls to prevent the proliferation of sensitive technology in the areas of (a) artificial intelligence, (b) quantum computing, (c) biometric tools and data and (d) intangible technology transfers.
Answered by Alan Mak - Minister of State (Department for Business and Trade) (jointly with the Cabinet Office)
The National Cyber Security Centre is HM Government’s national technical authority for information security and advises the Export Control Joint Unit, in the Department for Business and Trade, on export licence applications for goods involving sensitive communications or computer technology.