Asked by: Greg Knight (Conservative - East Yorkshire)
Question to the Cabinet Office:
To ask the Minister for the Cabinet Office, what guidance his Department issues on how (a) schools, (b) NHS trusts and (c) other public bodies should respond to ransomware attacks.
Answered by Alex Burghart - Parliamentary Secretary (Cabinet Office)
The world leading National Cyber Security Centre provides comprehensive guidance to all UK public bodies on how to respond to ransomware attacks, which can be found. The guidance is clear that central Government funds will not be used by Government departments or Arms Length Bodies (ALBs) to pay ransomware demands and this stance was publicly reiterated in November 2023 when the UK, along with other members of the Counter Ransomware Initiative, signed a joint statement discouraging anyone from paying a ransomware demand.
NHS England and the Department for Education provide bespoke guidance for their respective sectors which is consistent with the wider government’s approach. The Department is committed to harnessing expertise on this subject, including recently hosting a roundtable discussion on academic security with the support of the NCSC, to ensure that guidance continues to be appropriate for the developing threat.
Apr. 26 2024
Source Page: Government to launch new consultation to protect UK universities from security threatsFound: Government to launch new consultation to protect UK universities from security threats
Found: security.
Written Evidence Apr. 25 2024
Inquiry: FraudFound: value chain. techUK has been co-chairing the Online Fraud Group (OFG) in partnership with the National
Apr. 25 2024
Source Page: Regulatory Horizons Council: the Future Regulation of Space TechnologiesFound: Extend the remit of the National Security and Investment Act to cover the future in -orbit trade of
Apr. 25 2024
Source Page: Regulatory Horizons Council: the Future Regulation of Space TechnologiesFound: security
Apr. 25 2024
Source Page: Building a New Scotland: Justice in an independent ScotlandFound: our Vision for Justice, an approach: founded in equality and human rights; that puts people at the centre
Mentions:
1: Oliver Dowden (Con - Hertsmere) This is an important issue, which is why we established the National Cyber Security Centre. - Speech Link
2: Oliver Dowden (Con - Hertsmere) Cyber Security Centre. - Speech Link
3: Oliver Dowden (Con - Hertsmere) Cyber Security Centre. - Speech Link
4: Oliver Dowden (Con - Hertsmere) Cyber Security Centre. - Speech Link
Oral Evidence Apr. 24 2024
Inquiry: Cyber resilience of the UK's critical national infrastructureFound: protecting our national infrastructure by improving cyber security?
Asked by: Jim Shannon (Democratic Unionist Party - Strangford)
Question to the Department for Energy Security & Net Zero:
To ask the Secretary of State for Energy Security and Net Zero, whether her Department is taking steps to secure the (a) electricity grid and (b) electric vehicle infrastructure from remote disruption by foreign actors.
Answered by Justin Tomlinson - Minister of State (Department for Energy Security and Net Zero)
The Government takes the security of the electricity grid and electric vehicle infrastructure extremely seriously. The Department for Energy Security and Net Zero works closely with Ofgem, the National Cyber Security Centre, and operators to strengthen infrastructure against attacks, share threat intelligence, and set clear and robust regulatory standards that are enforced through the Network and Information Systems Regulations 2018.
The 2021 electric vehicle smart charge point regulations include cyber security requirements. These require that all private charge points meet physical tamperproof requirements, check regularly for security updates, and encrypt all communication to and from the charge point.
The Government has recently published a detailed consultation package, 'Delivering a smart and secure electricity system: implementation'. This sets out proposals for minimum security and grid stability requirements for Energy Smart Appliances and load controlling organisations to further mitigate risk.