-
(Enfield,
Southgate) (Lab)
1. What assessment he has made of the level of investment
required to ensure high standards of cyber-security in the
public sector. [901965]
-
The First Secretary of State and Minister for the Cabinet
Office (Damian Green)
Our national cyber-security strategy, supported by £1.9
billion of transformational investment, sets out measures to
defend our people, businesses and assets, deter our
adversaries and develop cyber-skills. These include the
creation of the National Cyber Security Centre and direct
investment in central and local government, the health sector
and the defence sector.
-
Our public services have been starved of cash for seven
years, but cyber-security requires constant investment, so
has the Minister advocated long-term funding to enable public
services to protect themselves against all forms of
cyber-attack?
-
Yes, indeed. That is the whole point not just of the National
Cyber Security Centre, but of the very significant investment
I have just mentioned—£1.9 billion—which is set to transform
defences against cyber-attack across the public sector, for
central and local government, particularly the health and
defence sectors, as well as advising the private sector,
because our defences obviously need to be mutually dependent
across the public and private sectors.
-
(North Wiltshire)
(Con)
Does my right hon. Friend not accept that none the less there
is a slight lack of clarity on who within the Government has
ultimate responsibility for cyber-security, both offensive
and defensive? Is not it time we had a cyber-department that
would be responsible for defending this nation against
cyber-attacks and thinking about ways it could possibly be
used abroad?
-
My hon. Friend is right that we need proper co-ordination.
That co-ordination role falls to the Cabinet Office, but
clearly there are important areas where the Home Office has
direct responsibility for operational matters, and obviously
the Ministry of Defence has responsibilities in purely
military terms. I am happy to reassure him that the
co-ordination comes through the Cabinet Office.
-
(Newport West) (Lab)
As we have just come to the conclusion that a cyber-influence
was entirely invisible and beyond any mechanisms that the
electoral college has to control it, and as the Prime
Minister has said that there was cyber-influence in the
elections and probably in the referendums, is it not time we
decided that we should have no faith in those two results and
that we should look for another referendum, because second
thoughts are always better than first thoughts?
-
The hon. Gentleman raises a serious point. There is no
evidence of any successful attempt to interfere with our
electoral processes. Indeed, it is particularly difficult to
have a cyber-attack against an electoral system that requires
voters to put crosses on pieces of paper using small pencils,
so that undoubtedly old-fashioned system is very effective
against cyber-attack.
-
(North West
Leicestershire) (Con)
To defend ourselves against cyber-attack, it is essential
that we recruit and retain people with the necessary skills
to take up the cudgels on our behalf in the cyber-arms race.
What steps are the Government taking to recruit and retain
people with those skills in the public sector?
-
My hon. Friend makes a good point. The National Cyber
Security Centre, along with GCHQ, has established a programme
of assessment and certification. Some 20 degrees have been
certified, most of which are one-year postgraduate master’s
degrees in cyber-security, and 14 universities are now
academic centres of excellence in cyber-security research,
precisely so that we can maintain a pipeline of skilled
people to help our cyber-defences.
-
(Hemsworth) (Lab)
We have learnt today that Uber’s suppression of a database
hack involving tens of millions of people is to be
investigated, but there were 9,000 data breaches by the
Government in a single year, according to the National Audit
Office, although they notified the Information Commissioner’s
Office of only 14 of them. Such contraventions clearly pose
questions about our personal privacy and security. Given the
scale of what is happening with the internet, action is
clearly needed for further protection of the public. But last
year the Government spent only—
-
Mr Speaker
Order. I am sorry to interrupt the hon. Gentleman, but we are
very pressed for time. We need a sentence and a question. We
have to press on because we have a lot of people to
accommodate.
-
Last year, the Government announced that they had spent only
£230 million of the £1.9 billion allowance that had been
made. Will the Minister get on with spending that money to
protect our citizens?
-
We are absolutely getting on with spending the money to
protect our citizens in the ways I have just set out. The
hon. Gentleman will realise that that £1.9 billion is to be
spent over five years, so the fact that we have spent £230
million-odd in the first year is about what we would expect.
It is a continuous programme of continuous improvement.
