Select committee urges creation of cyber minister cabinet role
MPs and Lords find ‘absence of political leadership’ in government response to cyberthreats
Credit: Danny Lawson/PA Wire/PA Image
Ministers' oversight of cybersecurity threats is “wholly inadequate” in the face of a “potentially devastating” major attack on Britain's infrastructure, a parliamentary committee has said.
The Joint Committee on National Security Strategy said the government had failed to act with “a meaningful sense of purpose or urgency” on growing threats from the likes of Russia.
The body called on Theresa May to appoint a dedicated cybersecurity minister in the cabinet to build national resilience and lower the risk of attacks on sectors including energy, health services, transport and water.
The joint committee said ministers had assessed a major cyberattack on the UK’s critical national infrastructure (CNI) as a “top tier” threat with potentially “devastating” consequences.
"As some states become more aggressive and non-state actors such as organised crime groups become much more capable, the range and number of potential attackers is growing," it said.
- MPs and Lords express concern at government plan to address civil service cyber skills challenges
- MPs and peers to investigate scale of cyber security threat to UK
- Government admits failure of bid to recruit chief security officer
It warned that the 2017 WannaCry attack – which did not directly target the NHS – had “greatly affected” the health service and shown the significant consequences that attacks on UK infrastructure could have.
The group of parliamentarians meanwhile raised fears that current capacity at the National Cyber Security Centre had has already been outstripped by demand.
Committee chair Dame Margaret Beckett, said: “We are struck by the absence of political leadership at the centre of Government in responding to this top-tier national security threat. It is a matter of real urgency that the government makes clear which cabinet minister has cross-government responsibility for driving and delivering improved cyber security, especially in relation to our critical national infrastructure.”
She added: “There are a whole host of areas where the government could be doing much more, especially in creating wider cultural change that emphasises the need for continual improvement to cyber resilience across CNI sectors… Too often in our past the UK has been ill-prepared to deal with emerging risks. The government should be open about our vulnerability and rally support for measures which match the gravity of the threat to our critical national infrastructure.”
CyberArk, our sponsor for PublicTechnology Cyber Week, writes about how industry and government are working together to meet Australia’s cyber challenges
Information request reveals that number of reported incidents increased slightly
Cabinet Office minister said that, despite the controversy that often surrounds the PM’s top adviser, ‘people are interested in Dominic and his ideas’
We are approaching the fourth anniversary of the foundation of the NCSC and the threats it was created to respond to loom larger than ever. PublicTechnology examines the growth of the UK’...
PublicTechnology talks to Rich Turner about why organisations need to adopt a ‘risk-based approach’ to security – but first make sure they get the basics right
CyberArk's David Higgins explores the cyber risks of hiring independent contractors