9. What assessment he has made of the level of the cyber-security threat to the UK. (906902)
Maintaining robust cyber-security is a priority for the UK and of particular importance to the MOD. The threat is continually changing in scope and complexity. All public and private sector organisations have a stake in addressing the cyber threat, and the MOD is one element of the national cyber-security programme, which is co-ordinated by the Cabinet Office.
We know that cyber attacks are often targeted at defence companies themselves. What steps have the Government taken to ensure that security within the UK defence sector is strengthened?
We have taken very specific steps. With the Office of Cyber Security and Information Assurance, the Centre for the Protection of National Infrastructure and GCHQ, we are working closely with industry to ensure it is aware of the changing nature of the threat and has effective counters in place. The defence cyber protection partnership aims to meet the emerging threat specifically to the UK defence supply chain by increasing awareness of cyber risks, sharing threat intelligence and defining risk-driven approaches to applying cyber-security standards. We are already doing it.
To what extent have NATO and our NATO allies prioritised the development of cyber capabilities?
For obvious reasons, NATO takes this threat very seriously. For instance, I believe it has a centre of excellence based in Estonia helping to provide advice to other NATO countries. We in the UK also take the threat very seriously and have invested heavily to counter it.
In response to the hon. Member for Norwich North (Chloe Smith), the Minister said that the recruitment for cyber-reserves was on track, but he could not give us precise details because it would breach confidentiality. I have always subscribed to the notion of “trust but verify”. Will he indicate by what means—numbers or some other means—we can ensure that the information is accurate and correct?
I went and verified. I visited the joint forces cyber-group at Imjin barracks in Innsworth in November, and I was able to meet a number of reservists, one of whom was from the Bank of England, who had recently signed up to help provide for the defence of our country. We do not give out publicly the number of people recruited for the cyber-reserves, and I hope the House will realise that there is a logical reason for that. The recruitment is, however, on track, and the quality of the individuals I met at Innsworth were, I have to say, extremely impressive.
President Obama has openly stressed the importance of establishing rules for the road on cyber-security, but what capacity has the UK developed to respond to a cyber-attack?
I remind the House that the strategic defence and security review announced a £650 million budget for the national cyber-security programme. Moreover, in June 2013, my right hon. Friend the Chancellor of the Exchequer went further by stating that investment in this area will continue to grow in 2015-16 and will include a further £210 million. An announcement by the Ministry of Defence last July showed that we are going even further than that.