Public Sector Cyber-security

Cabinet Office and the Chancellor of the Duchy of Lancaster – in the House of Commons at 12:00 am on 22nd November 2017.

Alert me about debates like this

Photo of Bambos Charalambous Bambos Charalambous Labour, Enfield, Southgate 12:00 am, 22nd November 2017

What assessment he has made of the level of investment required to ensure high standards of cyber-security in the public sector.

Photo of Damian Green Damian Green First Secretary of State and Minister for the Cabinet Office

Our national cyber-security strategy, supported by £1.9 billion of transformational investment, sets out measures to defend our people, businesses and assets, deter our adversaries and develop cyber-skills. These include the creation of the National Cyber Security Centre and direct investment in central and local government, the health sector and the defence sector.

Photo of Bambos Charalambous Bambos Charalambous Labour, Enfield, Southgate

Our public services have been starved of cash for seven years, but cyber-security requires constant investment, so has the Minister advocated long-term funding to enable public services to protect themselves against all forms of cyber-attack?

Photo of Damian Green Damian Green First Secretary of State and Minister for the Cabinet Office

Yes, indeed. That is the whole point not just of the National Cyber Security Centre, but of the very significant investment I have just mentioned—£1.9 billion—which is set to transform defences against cyber-attack across the public sector, for central and local government, particularly the health and defence sectors, as well as advising the private sector, because our defences obviously need to be mutually dependent across the public and private sectors.

Photo of James Gray James Gray Conservative, North Wiltshire

Does my right hon. Friend not accept that none the less there is a slight lack of clarity on who within the Government has ultimate responsibility for cyber-security, both offensive and defensive? Is not it time we had a cyber-department that would be responsible for defending this nation against cyber-attacks and thinking about ways it could possibly be used abroad?

Photo of Damian Green Damian Green First Secretary of State and Minister for the Cabinet Office

My hon. Friend is right that we need proper co-ordination. That co-ordination role falls to the Cabinet Office, but clearly there are important areas where the Home Office has direct responsibility for operational matters, and obviously the Ministry of Defence has responsibilities in purely military terms. I am happy to reassure him that the co-ordination comes through the Cabinet Office.

Photo of Paul Flynn Paul Flynn Labour, Newport West

As we have just come to the conclusion that a cyber-influence was entirely invisible and beyond any mechanisms that the electoral college has to control it, and as the Prime Minister has said that there was cyber-influence in the elections and probably in the referendums, is it not time we decided that we should have no faith in those two results and that we should look for another referendum, because second thoughts are always better than first thoughts?

Photo of Damian Green Damian Green First Secretary of State and Minister for the Cabinet Office

The hon. Gentleman raises a serious point. There is no evidence of any successful attempt to interfere with our electoral processes. Indeed, it is particularly difficult to have a cyber-attack against an electoral system that requires voters to put crosses on pieces of paper using small pencils, so that undoubtedly old-fashioned system is very effective against cyber-attack.

Photo of Andrew Bridgen Andrew Bridgen Conservative, North West Leicestershire

To defend ourselves against cyber-attack, it is essential that we recruit and retain people with the necessary skills to take up the cudgels on our behalf in the cyber-arms race. What steps are the Government taking to recruit and retain people with those skills in the public sector?

Photo of Damian Green Damian Green First Secretary of State and Minister for the Cabinet Office

My hon. Friend makes a good point. The National Cyber Security Centre, along with GCHQ, has established a programme of assessment and certification. Some 20 degrees have been certified, most of which are one-year postgraduate master’s degrees in cyber-security, and 14 universities are now academic centres of excellence in cyber-security research, precisely so that we can maintain a pipeline of skilled people to help our cyber-defences.

Photo of Jon Trickett Jon Trickett Shadow Minister (Cabinet Office), Shadow Lord President of the Council

We have learnt today that Uber’s suppression of a database hack involving tens of millions of people is to be investigated, but there were 9,000 data breaches by the Government in a single year, according to the National Audit Office, although they notified the Information Commissioner’s Office of only 14 of them. Such contraventions clearly pose questions about our personal privacy and security. Given the scale of what is happening with the internet, action is clearly needed for further protection of the public. But last year the Government spent only—

Photo of John Bercow John Bercow Speaker of the House of Commons, Chair, Speaker's Committee on the Electoral Commission, Chair, Speaker's Committee for the Independent Parliamentary Standards Authority, Chair, Commons Reference Group on Representation and Inclusion Committee

Order. I am sorry to interrupt the hon. Gentleman, but we are very pressed for time. We need a sentence and a question. We have to press on because we have a lot of people to accommodate.

Photo of Jon Trickett Jon Trickett Shadow Minister (Cabinet Office), Shadow Lord President of the Council

Last year, the Government announced that they had spent only £230 million of the £1.9 billion allowance that had been made. Will the Minister get on with spending that money to protect our citizens?

Photo of Damian Green Damian Green First Secretary of State and Minister for the Cabinet Office

We are absolutely getting on with spending the money to protect our citizens in the ways I have just set out. The hon. Gentleman will realise that that £1.9 billion is to be spent over five years, so the fact that we have spent £230 million-odd in the first year is about what we would expect. It is a continuous programme of continuous improvement.