UKPOL.CO.UK

Category: Technology

  • Julia Lopez – 2022 Comments on Rollout of 4G and 5G Technology

    Julia Lopez – 2022 Comments on Rollout of 4G and 5G Technology

    The comments made by Julia Lopez, the Digital Infrastructure Minister, on 25 May 2022.

    Everyone gets frustrated when their mobile signal is poor, particularly when patchy coverage holds up important work and social calls and makes it harder to do stuff online. That is why we are determined to get the UK the connectivity it needs by rolling out better mobile coverage as quickly as possible.

    Currently, mobile companies are finding it difficult to get the data they need to check that a lamppost, bus shelter or public building is suitable for hosting their kit. These eight pilots will help solve this by modernising the way local authorities and operators work together in a way that ultimately delivers faster, more reliable mobile coverage for millions of people. It is all part of our joined-up strategy to deliver world-class connectivity to every corner of our country.

  • Julia Lopez – 2022 Comments on Gigabit Broadband in New Homes

    Julia Lopez – 2022 Comments on Gigabit Broadband in New Homes

    The comments made by Julia Lopez, the Digital Infrastructure Minister, on 24 May 2022.

    We are moving rapidly in our national mission to make sure everyone can benefit from faster gigabit-speed broadband. National coverage has jumped from six per cent to sixty-five per cent in just two years.

    The law changes we are consulting on today will help us go further and faster to make our homes fit for the future with the infrastructure people will need to take advantage of new technologies in the coming decades.

  • Trudy Harrison – 2022 Comments on Self-Driving Cars

    Trudy Harrison – 2022 Comments on Self-Driving Cars

    The comments made by Trudy Harrison, the Transport Minister, on 23 May 2022.

    We know that self-driving vehicles have the potential to revolutionise the way we travel, making our future journeys cleaner, easier and more reliable. But our absolute priority is harnessing the technology to improve road safety.

    With around 88% of road collisions currently caused by human error, this funding will drive the introduction of new technology to improve travel for all, while boosting economic growth and highly skilled jobs across the nation.

  • Lee Rowley – 2022 Comments on the Smart Manufacturing Data Hub

    Lee Rowley – 2022 Comments on the Smart Manufacturing Data Hub

    The comments made by Lee Rowley, the UK Industry Minister, on 18 May 2022.

    As we embrace the digital manufacturing revolution, it is vital manufacturers across the UK can capitalise on the productivity and growth gains that come with the adopting the latest data-led digital technologies.

    The Smart Manufacturing Data Hub, backed by £20 million of government funds, will support companies to implement cutting edge production and process techniques themselves, helping bring the next generation of products to our shelves in a more efficient and sustainable way.

  • Nadine Dorries – 2022 Statement on a New Pro-competition Regime for Digital Markets

    Nadine Dorries – 2022 Statement on a New Pro-competition Regime for Digital Markets

    The statement made by Nadine Dorries, the Secretary of State for Digital, Culture, Media and Sport, in the House of Commons on 11 May 2022.

    This is a joint statement with the Secretary of State for Business, Energy and Industrial Strategy.

    Last week, we published the response to the consultation on a new pro-competition regime for digital markets. As we move to build back better from the pandemic and level up opportunities throughout the UK, unlocking growth in the digital economy has never been more important or urgent.

    Digital technologies make an enormous contribution to the UK economy and are positively transforming our daily lives. However, weak competition in digital markets is stifling economic growth and imposing unnecessarily high costs on British businesses and consumers. That is why the Government have committed to establishing a new pro-competition regime for these markets. This will boost competition, drive innovation, and protect those people and businesses that rely on a very small number of immensely powerful tech firms.

    Our regime will be able to place obligations on these firms to make it easier for users to communicate across different platforms, switch to smaller providers and deliver new, better alternatives for consumers. The Digital Markets Unit will also introduce clear rules on how the most powerful tech firms should treat businesses and consumers when delivering key services such as social media and online search. These rules will make sure these tech firms are transparent and trade on fair and reasonable terms.

    Competition is key to unlocking the full potential of the digital economy as more choice will lower prices for everyday goods and services that rely on online advertising. Countries around the world are developing their policy and regulatory approaches. Now that we have left the EU, we have the freedom to take a bold new approach to regulation in order to ease burdens for businesses, boost competition and help drive a new era of productivity and prosperity for all the UK’s communities and nations. The UK is leading the global debate, as demonstrated during our G7 presidency last year where countries agreed to deepen international co-operation. Last week’s publication set out how the new regime will deliver a world-leading, innovation-friendly approach to driving up competition in digital markets.

    The set-up of the Digital Markets Unit last year was a major milestone in delivering the regime. We want to maintain this momentum. We set out the design of the regime in our public consultation which closed on 1 October 2021. We received a large number of submissions to our consultation including from trade associations, the tech sector, SMEs, academics, consumers and representative groups. There is strong support for the regime and growing calls for it to be delivered urgently.

    This response builds on the consultation and sets out how the regime will work. In particular:

    The new pro-competition regime will be overseen and enforced by the Digital Markets Unit (DMU), housed within the Competition and Markets Authority (CMA). The regime’s core objective will be to promote competition in digital markets for the benefit of consumers, lowering prices and increasing transparency and fairness. The DMU will work closely with other regulators through a statutory duty to consult them where proportionate and relevant.

    A small number of the most powerful firms with entrenched and substantial market power that affords them a strategic position in the market will be designated, by the CMA, as having strategic market status and will fall within scope of the regime; these designation parameters, including a minimum revenue threshold, will be outlined in legislation and supported by guidance.

    Once designated, firms will be subject to new and binding conduct requirements to manage the effects of their market power by shaping their behaviour and rebalancing the power between big tech and those who rely on them. The regime will give the regulator the ability to tailor these requirements for firms, to account for the most relevant harms and risks. These requirements will be limited by a set of categories set out in legislation. Rules may include giving consumers clear and transparent information on how their data is used, or preventing a firm ranking its own products more highly in a search result where it harms consumers.

    The DMU will also proactively tackle the root cause of market power by making targeted and proportionate pro-competitive interventions. These will ensure that businesses across the economy that rely on very powerful tech firms, including the news publishing sector, are treated fairly and can succeed without having to comply with unfair terms. The DMU will have broad discretion to design and implement remedies, including trials, after an evidence-based investigation.

    To ensure the regime’s effectiveness, the DMU will have robust enforcement powers. This includes the ability to impose financial penalties of up to 10% of a firm’s global turnover for breaches. There will also be the option to hold individual senior managers accountable.

    The costs of the regime will be partially recouped by levy funding, providing smooth and predictable resourcing for the DMU while ensuring best value for money for the taxpayer.

    Finally, designated firms will also be subject to new merger reporting requirements, ensuring greater transparency over their impacts on competition.

    2022 is a landmark year for shaping the rules that govern digital technologies around the world. The UK is at the forefront of this, driving forward groundbreaking work, including on online safety, digital competition, data protection, and cybersecurity. Our outcomes-focused and proportionate regulatory approach will be tailored to maximise benefits to the UK economy.

    The new pro-competition regime also complements the BEIS-led “Reforming Consumer and Competition Policy” consultation, which considered broader competition reforms and made a number of proposals which will also help to improve competition in markets more widely and fair treatment of consumers in digital markets. The response to this consultation was published in April.

    The CMA and Ofcom last week published advice on how the regime would govern the relationship between platforms and content providers including news publishers. The DMU must be able to intervene to ensure fair and reasonable contractual terms, and we are considering the use of binding final offer arbitration as a backstop enforcement mechanism to resolve disputes where needed.

    I will be placing copies of the response in the Libraries of both Houses, and it is also available on gov.uk.

  • Julia Lopez – 2022 Statement on App Security and Privacy Interventions

    Julia Lopez – 2022 Statement on App Security and Privacy Interventions

    The statement made by Julia Lopez, the Minister for Media, Data and Digital Infrastructure, in the House of Commons on 11 May 2022.

    I am pleased to inform the House that the Government have published a document titled “Call for Views on App Security and Privacy Interventions”, which sets out proposed interventions to protect consumers from malicious and poorly developed apps.

    App stores can serve as trusted digital marketplaces that help protect users, but this Government expect them to have the right processes to check that apps are not a risk to users’ security and privacy. While many app stores have vetting and review processes, malicious and insecure apps continue to make it onto some stores. Developers also have a clear responsibility for ensuring that they are creating apps with appropriate security and privacy. Given the increasingly important role apps play in everyday life, we need to take action to manage the potential risks associated with using apps.

    A key ambition of our new national cyber strategy, published in December 2021, is to reduce cyber risks so businesses can maximise the economic benefits of digital technology and citizens are more secure online and confident that their data is protected. The Government’s work on app security and privacy will put in place a framework that ensures operators of app stores and developers are taking appropriate steps which mean that users are not put at risk from malicious apps. The national cyber strategy also pledges to secure the next generation of connected technologies, for which apps can often be an important enabler. Additionally, as set out in the plan for digital regulation, we will ensure our overall approach to governing digital technologies is proportionate and supports growth and innovation within the sector.

    The interventions suggested in this publication include a voluntary code of practice that sets out baseline security and privacy requirements for app store operators and app developers. The code would be a first step in a series of policy interventions intended to protect consumers from malicious and insecure apps, with the possibility of regulating aspects of the code in the future, should these policy interventions not achieve the desired outcome. These proposals complement work that is already happening across Government to help protect users and establish a pro-competition regime for digital markets, which will introduce new rules to ensure digital consumers and businesses are treated fairly so that new and innovative tech firms can flourish. As digital markets evolve, such as the distribution and methods for accessing apps, our focus will be to ensure that users are protected and developers are building apps with appropriate levels of security and privacy.

    Alongside this publication, we have launched an eight-week call for views process, where we will be welcoming the public’s views on the proposed interventions. These views will help shape UK Government policy over the coming years and allow both consumers and businesses to securely use apps as part of everyday life, helping make the UK a stronger and more secure place for people and businesses.

    I will place a copy of the “Call for Views on App Security and Privacy Interventions” document in the Libraries of both Houses.

  • Steve Barclay – 2022 Speech at Cyber UK

    Steve Barclay – 2022 Speech at Cyber UK

    The speech made by Steve Barclay, the Chancellor of the Duchy of Lancaster, on 11 May 2022.

    Thank you, Lindy. Good morning colleagues.

    Across the Cabinet Office and No10 we see the range of threats that our country faces.

    Core to our defence is the work of you Lindy, and your colleagues at the National Cyber Security Centre. So firstly a huge thank you to you, but also to all those in the room who do so much to keep us safe.

    And it is these threats that I want to talk about this morning – particularly in the context of Russia’s brutal invasion of Ukraine.

    But also the huge opportunity that cyber in the UK currently presents, including setting out the whole of society approach that is integral to tackling those threats but also achieving the UK’s potential and indeed building on the comments of Sir Jeremy yesterday.

    Much progress to protect us from the risk of internet-based attacks has been made since the launch of the UK’s first National Cyber Strategy, with cyber experts thwarting 2.7 million online scams last year alone – more than four times that of 2020.

    The NCSC has said that it believes that Russia continues to pose a significant and enduring cyber threat to the UK.

    And yesterday, the UK – along with the EU, the US and other allies – said that Russia was responsible for a series of cyberattacks mounted since the invasion of Ukraine.

    Their impact has been felt across Europe, in disrupted access to online services and even in the operation of wind farms.

    And Russia has said it sees the UK’s support for Ukraine as ‘unprecedented hostile actions’ – and as Avril Haines said yesterday, Putin is preparing for a long conflict.

    So we must all, therefore, consider the likely long-term threat, so that we are as prepared as we possibly can be.

    And the greatest cyber threat to the UK – one now deemed severe enough to pose a national security threat – is from ransomware attacks.

    Should the UK face an attack on the scale previously inflicted on Ukraine’s critical national infrastructure sites, businesses and the public should not expect to receive advance warning.

    Preparedness is therefore essential.

    And our defences must be in place: ready for whatever comes in whatever way.

    This is why the work, Lindy, of the NCSC is so important.

    And I am sure many of you here today have had the benefit of their knowledge and free resources.

    But it is crucial that we spread the word wider.

    I was delighted to learn that the NCSC’s cyber advice for businesses was accessed over 100,000 times after Tony Danker, the director general of the CBI, and I wrote a piece for The Times.

    And that 3,000 schools have accessed the NCSC’s new cyber defence tools for schools in the first week after its release.

    But of course there is no room for complacency.

    Every member of the public has their part to play; every company in a supply chain can make sure they are not the weakest link.

    Because making sure we are ready, as Sir Jeremy said yesterday, is a whole of society effort.

    And that is one reason why the conference CyberUK is a calendar highlight – an opportunity to channel the expertise, enthusiasm and enterprise across government and business.

    But also a great opportunity to shine a light on the national success story that digital and cyber has become.

    Thanks to our work together, I am determined that the UK will be the world leader for innovation, gaining a digital education, and indeed having an open, safe and reliable internet.

    And this allows us to take full advantage of the broader social and economic opportunities of the digital age, which is at the core of our National Cyber Strategy.

    And make no mistake: the record £2.6 billion of Government funding is a statement of our intent.

    As the Prime Minister has said: ‘We want the UK to regain its status as a science superpower, and in doing so to level up.’

    Cyber is key to this mission.

    It is no accident that we are here today in the heart of Cyber Wales’s Ecosystem.

    Having previously met in Glasgow.

    And next year we will be off to Belfast.

    Evidence of the Union working to benefit the whole of the United Kingdom.

    I also note, as many in the room will be aware, that today is the 25th anniversary of the supercomputer Deep Blue beating the chess champion Garry Kasparov – in a man versus machine contest that indeed astonished the world.

    Now back then, Deep Blue was a project costing $100million. The computer weighed 1.4 tons with two, six-foot five-inch black towers.

    Compare that today, to the mobile phones in our pockets matching it for processing power.

    Such is the speed of progress, digital technology has already grown to touch every aspect of our lives.

    Democratising threats, but also playing an important part in our future growth, with the potential for huge economic gains.

    Look at what the cyber security sector alone contributed to the UK economy last year: generating £10.1 billion in revenue and it attracted more than a billion pounds in investment.

    Thanks to 6,000 new jobs being created, over 52,000 people are now employed in cyber security and – I think importantly – more than half of them are outside London and the South East.

    So as well as Wales, cyber security clusters are flourishing in Scotland, Northern Ireland, in the North West and in the East Midlands.

    But we want to see more start-ups – like the new collaboration between NCSC and the five tech companies to develop low-cost ways to tackle ransomware attacks which is testimony to the UK being the best place for innovation outside Silicon Valley.

    As the country builds back from the pandemic, the cyber skills revolution will help fuel growth, equip people to build and switch into new careers.

    And to stay working where they grew up, spreading opportunity all around the UK.

    Through our CyberFirst bursary programme, more than 100 students receive £4,000 and eight weeks paid training or development work with government and industry; leading to a full-time role when they graduate.

    And now those working in cyber– including indeed people here today – will have the chance to become chartered professionals, as the UK Cyber Security Council has been granted its Royal Charter in recognition of the invaluable work it is doing to raise standards and ensure good career pathways.

    Of course, investment in business and skills is immensely important to the economy and jobs. But it is also essential to help us preserve the UK’s core values of democracy and free speech – as we are doing through our Online Harms Bill.

    From my conversations with heads of schools, business leaders and chief executives, the message of the need to keep people safe online is indeed landing and it’s spreading; with key sectors stepping up to do their bit.

    In schools, we now have more than 1,500 teachers signed up to deliver our Cyber Explorers programme, seeding their enthusiasm in younger students for maintaining a safe and resilient cyber space: and I’m indeed looking forward to meeting pupils from St Joseph’s School here in Newport to hear their experiences of the CyberFirst Girls Competition.

    We also have the National Cyber Force combining the hard and soft power from our military and intelligence services to counter the threats that we face.

    And Government has been working with partners across the sector on legislation in order to help keep us safe online.

    We’re protecting consumers by enforcing minimum standards in connected products, through the Product Security and Telecommunications Infrastructure Bill – so the ‘Internet of Things’ doesn’t become the ‘Internet of Threats’.

    Telecoms operators that fail to meet security standards will face heavier Ofcom fines under the Telecommunications Security Act.

    And just yesterday the Data Reform Bill, in the Queen’s Speech will ensure that personal data is protected to a higher standard, and enable stronger action against organisations for a breach.

    Together this legislation will play a significant role, but we also alongside it require a global approach.

    In these uncertain times, international allies are essential: in intelligence-sharing, shaping the governance of cyberspace, and deterring irresponsible behaviour and ensuring cyberspace remains free, open, peaceful and secure.

    The road to free and resilient cyberspace runs through our friends in Warsaw and Bucharest all the way to Kyiv.

    And the UK was among the first states to set out how the rules-based international order extends to cyberspace – and it’s something my colleague Suella Braverman, the Attorney General, will be saying more about at Chatham House next week.

    Last year, when I launched the National Cyber Strategy, we said that Ransomware had become the most significant cyber threat facing the UK. It is therefore imperative that we continue to prepare for the future, and learn from past attacks – at home and indeed abroad.

    We must not drop our guard, underestimate the threat or take our eye off the ball when it comes to our cyber defences across society.

    In the run-up to the Ukraine invasion, Russia unleashed deliberate and malicious attacks against Ukraine.

    The Ukrainian financial sector was targeted by distributed denial of service attacks that took websites offline.

    With the UK government declaring the Russian Main Intelligence Directorate, the GRU, as being involved.

    Since then, evolving intelligence about Moscow exploring options for cyberattacks prompted last month’s joint advisory from the UK and our Five Eyes allies – that Russia’s invasion of Ukraine could expose organisations within and beyond the region to increased malicious cyber activity.

    Some UK citizens have already felt the impact of cyberattacks.

    And some authorities estimate that in 2020, ransomware attacks may have cost the UK economy a minimum of £615 million.

    Over the past year, the National Crime Agency has received on average one report from victims of a Russia-based group responsible for ransomware attacks in the week. One report a week. Indeed, some authorities have estimated that over the last year global ransomware payments are up 144%, and the average demand is $2.2 million.

    But the number of incidents – and indeed their economic cost to the UK – is likely to be much higher. Law enforcement teams believe that most attacks go unreported: perhaps through embarrassment or a reluctance to admit that money has indeed changed hands.

    So, I would encourage any organisation that suffers an attack to come forward, report it to Action Fraud who run our 24/7 cyber reporting line.

    By doing so, you will help us to strengthen our individual and collective resilience as we learn from each other.

    In one attack in the UK, the National Crime Agency alerted a public sector organisation to an ongoing breach of its systems. Within hours, the NCA had identified the compromised services and located the exfiltrated data, which it later managed to take down; so that no personal information got out.

    What we learned is that our controls quickly spotted the incident and our reaction was swift.

    And we were then able to share useful evidence with industries so they can learn and prepare for similar attacks.

    The government is stress-testing its own defences, too.

    The more complete our security picture, the better we would handle any attack.

    And in the context of our most capable adversaries becoming more sophisticated, I can announce that we have agreed support for the next decade of UK cryptographic capabilities – nothing less than the entire ecosystem that keeps government safe – recognising the vital national importance of our sensitive sovereign Crypt-Key technology.

    Now, computer professionals tell me there is only one sure-fire way to know a computer is never hacked. Never connect it to the internet.

    But – let’s be realistic. That’s not an option.

    Which is why we have to work together.

    Through the NCSC’s world-leading tools and advice.

    Through acting with international allies.

    Through legislation.

    Through protecting our own government systems.

    But most importantly through harnessing our collective strengths and acting as one, building, as Sir Jeremy set out yesterday, a whole of society response.

    This is at the heart of the National Cyber Strategy, treating the cyber domain as no longer being a niche concern simply for the IT team – but as a wide-ranging grand initiative.

    Being a responsible, durable, effective cyber power cannot be achieved by government alone.

    So we want to work with industry, universities, schools and individual citizens getting involved.

    Working together. As a whole society.

    Thank you very much.

  • Jeremy Quin – 2022 Speech at SupportNET 22

    Jeremy Quin – 2022 Speech at SupportNET 22

    The speech made by Jeremy Quin, the Minister for Defence Procurement, on 28 April 2022.

    Two years ago I was relatively new in post and I regret I wasn’t able to join you on that occasion but now I know it was referred to as a Support Net superspreader event and therefore perhaps I regret it a little less.

    It is great, in happier circumstances, for us all to be together in the same room.

    Last year I joined you virtually and I recall quoting then from the Chinese philosopher Sun Tzu, who you will all be familiar, who said the line between success and failure is of course logistics.

    This year, I don’t feel I need to delve 2,000 years into Chinese literature to make the same point. We’ve been seeing it daily on our television screens.

    Those pictures of the 40-mile Russian convoy sat stuck on the road to Kyiv have become some of the defining images of Putin’s war.

    Indeed, Russia’s failure in almost all of its initial objectives may be found to be deeply rooted in the logistics and supply mistakes, amongst others, that they have been making.

    Expensive equipment is getting literally bogged down because it relied, in part, on failing old tyres which have been unmonitored.

    Russian soldiers have been relying on cheap handheld radios because theirs don’t work.

    And, if reports are to be believed, they’ve even resorted to scavenging and looting because their rations are not just weeks or months but years out of date.

    Napoleon, who learned a few things about logistics of the cold climate as you’ll recall, famously talked about an army marching on its stomach.

    And it’s fair to say that the UK has a good track record when it comes to Defence logistics and support networks.

    And we’ll be reminded in this, the 40th anniversary year of the Falklands War, that we succeeded in maintaining an 8000-mile-long supply chain that ultimately led us to victory.

    And just last year, we utilised every asset of Defence to carry out the biggest peacetime airlift in history from Kabul.

    But in this new era of rising threats – where war in Europe is no longer a distant memory but a stark reality – we cannot afford to take our eye off the ball.

    Last year, I spoke about the publication of our Integrated Review and the Defence Command Paper, which constituted the biggest review of our Defence since the end of the Cold War.

    Those two documents recognised the importance of getting logistics right.

    Not simply by reorganising the Army into more self-sufficient Brigade Combat Teams able to meet demand by drawing on their own dedicated logistics and combat support units.

    But by investing in modernising and transforming engineering and logistical support systems to improve the availability and sustainment of our capabilities, our equipment and our people across all the domains.

    Indeed, the Defence Support organisation was created to pursue these common goals.

    They are making sure that no British serviceperson suffers that Russian ration fiasco.

    In fact, today I can reveal that we have been trialling new, nutritionally balanced ration packs, which show a 23% increase in performance for Commando Forces – despite being smaller and lighter to carry. Napoleon no doubt would have approved.

    But this is only a small element in the start of the transformation in logistics that we’re looking for. From my perspective, I want to see and succeed in meeting four key objectives.

    First, we must strengthen our strategic base.

    In other words, the infrastructure and systems upon which we depend to store our stock and to process complex transactions that supply materiel to the front line.

    Over the past year, our Agile Stance Campaign Plan has been probing the fragilities in our supply lines and fixing them.

    I’m glad to say we’re now seeing accelerated investment in sites like Longtown on the Scottish borders, the development of a Supply Chain Strategy that will enable improved agility and resilience, and an enhanced focus on Supply Chain Resilience.

    But I know the people here in this room are likely to have plenty more enterprising and innovative solutions to some of the challenges we face. And I’m very keen to hear from you.

    How do we increase scalability and production through the lifetime of a platform?

    To what extent can we be standardising parts across Defence so that they will always be available, rather than buying our whole stock of wheelnuts for tanks up front and then storing them somewhere indefinitely?

    Can we change commercial agreements so that industry holds the financial liabilities for maintaining stock levels? Would that incentivise industry to design around off-the-shelf solutions more readily?

    My second objective touches directly on the theme of today’s conference – improving the readiness and availability of our equipment.

    Whether that’s through more resilient designs for future platforms, or better through-life management. Here too there are critical questions to consider around contracting for availability.

    For example, should we have contracts which ensure kit is ready for a set number of days in a year?

    How do we best work together to ensure that our bottom-line availability requirements are always met?

    Involving industry contractually in the numbers and maintenance required from the outset for our equipment.

    The Army and Navy are already starting to integrate these ideas. The former’s Land Integrated Operating Service specifically addresses support contracts and seeks better equipment availability and through-life management.

    While the Naval Enterprise Support Strategy is about reducing the amount of time vessels spend in maintenance by working with an agile, global supply chain and support network.

    My third aim is about rapidity in the digital world. Our Command Paper tasks us with creating a digital spine that underpins everything else in our transformed Defence network.

    But that spine needs to be able to exploit data through a common digital architecture, spanning factory to foxhole, to ensure agile, flexible support that is suited to the demands.

    And it needs to ensure the interoperability of every platform we use throughout our organisation, and those of our allies too.

    It might sound simple, but the magnitude of the task is simply daunting when you consider the number of organisations tied into this common digital framework and the security implications of that.

    It is another area where we are looking to draw on your expertise.

    What is the best way to ensure every new platform we invest in can be plugged into the same digital spine for decades to come?

    How can we exploit the Business Modernisation for Support programme to fundamentally revolutionise our processes, enabling those in support to generate your own part of the digital spine?

    My fourth and, you’ll be pleased to hear, my final point is about sustainability and resilience.

    The imperative for energy security has been underlined in recent weeks as nations scramble to reduce their reliance on Russian oil and gas.

    This is not just a major concern for the cost of living in our country; it also has a direct effect on Defence procurement.

    The platforms we procure today will likely be around in 20 years’ time, by which time our current reliance on hydrocarbons will have been reduced in favour of electric, hydrogen and other energy solutions.

    But we must be ready for this change while recognising there are real operational benefits to becoming more sustainable that go well beyond earning plaudits for being socially responsible.

    Consider that an armoured vehicle which can run silently and recharge itself from the sun – what an enticing prospect for Defence.

    If we don’t have a long logistical tail, we will be far less vulnerable to future threats.

    We are already seeing successes with the launch of our Prometheus programme of solar farms on Army land, as well as the development of the world’s first biofuel for fighter jets.

    The massive price hikes we’ve seen for hydrocarbons show the enhanced resilience on which we can benefit in this renewable space.

    As I’ve already intimidated, we can’t achieve these four Rs – real estate, readiness, rapidity and resilience without working together.

    We need partners who are ready to work with us on defining new patterns that achieve our joint objectives. Partners committed to skills development and innovation.

    Partners who will help us identify problems and join forces in finding solutions.

    I am determined to get this partnership with all of you in this room right.

    Last year I spoke about how we are using the Defence and Security Industrial Strategy to reform relationships with the sector.

    Since then, we have made progress, by strengthening our Defence Suppliers Forum and setting up new working groups for SMEs.

    By using our National Security Technology and Innovation Exchange to give industry and academia the world-class facilities they need to succeed.

    And by establishing Regional Defence and Security Clusters to promote skills sharing and foster collaborations between higher tier Defence suppliers and SMEs across the country.

    But I do want you to tell me what more we can do.

    So the ball is being thrown back into your court.

    I’ve spoken about our aims, our ideas and some of the frictions involved. But I want your take on how we take this symbiotic relationship between Government and industry to the next level.

    Be in no doubt, in this more dangerous age, we are only too aware of your value, and we’re determined to have your back because we know that when the chips are down, you will have ours.

  • Matt Warman – 2022 Speech on the Computer Misuse Act 1990

    Matt Warman – 2022 Speech on the Computer Misuse Act 1990

    The speech made by Matt Warman, the Conservative MP for Boston and Skegness, in Westminster Hall on 19 April 2022.

    I congratulate my hon. Friend the Member for Bridgend (Dr Wallis) on securing this debate. I myself put in for a debate on this issue a while ago, but the gods obviously smile more on Bridgend than they do on Boston. Nevertheless, I welcome this opportunity to debate the issue.

    I thank the Minister and his officials for several meetings that he and I have had about this issue relatively recently. All were prompted, as my hon. Friend the Member for Bridgend said, by CyberUp and by Kat Sommer, who deserves to be cited in Hansard for her persistence, among many other things.

    This is an important but technical issue. I will be honest and say that I am not completely certain that the Computer Misuse Act 1990 is broken, but I am certain that it can be improved, by one means or another. That is because, as my hon. Friend the Member for Bridgend said, the structure of the cyber-security industry has changed since the Act came into force, and is different from almost any other part of the national security set-up. If we were to ask whether academics have a right to interrogate systems for the purposes of research, we would definitely say yes. If we were to ask whether businesses have the right to interrogate those same systems, we would assume that it was for commercial purposes and that it was important to have different rules.

    It is also a sector where a lot of very small-scale research is done by individuals—some of them literally in their bedrooms. There is a very diverse set of people looking for loopholes and vulnerabilities. Uncovering those vulnerabilities—be they in banks, businesses or any other area where we all rely on the internet—is categorically in the public interest, even if it may also be in the interests of businesses, researchers or people looking for bounties given by large businesses to uncover those vulnerabilities. Those businesses realise that it is in their interests to provide the maximum security to their customers or users.

    That gets to the heart of why the Computer Misuse Act matters. On the one hand, it seeks to prevent hacking and other things that we do not want to see done by people with malign intent; but on the other hand, it risks fettering the ability of people with the public interest at heart to solve issues that we would all like to see solved. Admiring the problem is the easy bit; the hard bit is trying to work out what we should do about it.

    There are a couple of things that we should not do. We should not introduce a blanket public interest defence for anyone who goes looking for things that might subsequently be perceived as a loophole or bug in a system. To do that would potentially give carte blanche to anyone who got caught, allowing them to claim that they were going to fess up about it, rather than benefit from it themselves. A public interest defence that goes too far should be avoided. I find it hard to imagine how a public interest defence might be constructed that does not, inadvertently or otherwise, go too far.

    The other thing that we should not do—notwithstanding the figures that my hon. Friend the Member for Bridgend quoted—is assume that cyber firms of any sort should not be mindful of legislation such as the Computer Misuse Act. Of course, if someone is doing research they should consider what is legal. It is a good thing, not a bad thing, that it is a factor for consideration for those who are engaged in the cyber-security industry. We should be mindful of how we can fix the Act, rather than just sweep it away altogether. I come to a point that was made a moment ago; those issues can probably be addressed through enhanced guidance that provides a degree of legal comfort to the unsurprisingly risk-averse lawyers who work for cyber firms and others. Such guidance would not provide carte blanche to people who might have malevolent intent.

    Criminals will not be looking at the CMA and wondering whether what they are doing is legal; by definition criminals are not bothered about whether they are breaking the law. However, there is an important grey area, and we should not create an unintended opportunity for people to defend themselves in court. I implore the Minister to continue his work on the review of the Act, which is really important, but with some minor legislative tweaking we could provide the comfort that the industry rightly asks for and could continue to secure the excellent reputation that Britain has and, as the hon. Member for Strangford said, that Belfast has, for being a world-leading cyber power. We can build on that success because the CMA is an example of a bit of legislation that, although very old, has largely stood the test of time for a lot longer than many might think.

    I will close by simply saying that the principles embedded in the CMA are not bad ones. Whenever it comes to legislating for the internet, we should realise that the internet has not necessarily reinvented every single wheel, and principles that apply offline can be applied online. In this case, they need a little bit of updating, but I do not think we should throw the baby out with the bathwater, as the hon. Member for Strangford said.

  • Jim Shannon – 2022 Speech on the Computer Misuse Act 1990

    Jim Shannon – 2022 Speech on the Computer Misuse Act 1990

    The speech made by Jim Shannon, the DUP MP for Strangford, in Westminster Hall on 19 April 2022.

    It is a pleasure to speak in this debate, Sir Mark. I commend the hon. Member for Bridgend (Dr Wallis) for setting the scene so well. I look forward to contributions from others, especially the Minister. From previous experience of dealing with the Minister, and of partnership and co-operation with him, I believe that his answers will be helpful to us. Whether we are technically-minded or otherwise, we all recognise the key issues to which the hon. Member for Bridgend has referred. Why is this issue so important? It is because, as the hon. Gentleman has said, stakeholders have expressed deep and real concerns about the poor security of many devices. I will speak first about individuals and companies, and then probably take my arguments a wee bit beyond that.

    Insecure devices can compromise privacy or be hijacked and used to disrupt other uses of the internet. That happens every day in my constituency and across the whole United Kingdom of Great Britain and Northern Ireland. The Government set in motion a strategy, which was first mooted in 2016, that set a date of 2021 for most online products and services to be cyber-secure by default. Will the Minister in his response tell us whether those targets have been met, and if they have not, when will that happen? DCMS has proposed a voluntary code of practice. I certainly would have liked to have had something mandatory in the system. Perhaps the Minister will indicate whether that is his and the Government’s intention.

    I cannot profess to be technically-minded, but my staff are. They tell me that it is possible to access personal and confidential data, including on bank accounts, through our phones. That is why the debate is vital and why we need to seek from the Minister the reassurance that the protections that people need and want are in place. There is not a week in my constituency when people do not come to me about such issues. If someone phones an individual and talks about that individual’s bank account, it is not their bank. If someone phones and asks personal questions about confidential data, they are not legitimate.

    In the recess, I watched a consumer programme which highlighted a scam that looked so convincing—what was happening looked absolutely correct to the untrained eye—but the experts looked into the issue and were able to help the person who was being scammed to thwart the scammer. As I have said, there is not a week when I do not hear about a scam. Usually, they are against elderly people, but also against others those who inadvertently give out details and lose their savings. Just a few months ago, a gentleman in my constituency was scammed. The appearance of legitimacy and truthfulness meant that he did not fear that it was a scam, but he lost £20,000, which has never been retrieved.

    Cyber-attacks are one of the most common types of crime experienced by individuals in the UK. According to national crime statistics, some 2.4% of adults in 2017 and a higher percentage today will have experienced cyber-attacks, including on their personal computers, which is what this debate is about; I thank the hon. Member for Bridgend for setting the scene.

    User behaviour is a factor in the poor cyber-security of consumer devices, whether by the individual or the system that they use. The 1990 Act needs to be reviewed to provide greater protection. Some user behaviours include using default, weak or reused passwords. What can we do? We need to establish good practice in the industry, improve the cyber-security of consumer products, adopt a vulnerability disclosure policy, make software updates available for stated lengths of time, and inform consumers on setting up, managing and improving the security of household connected devices, as in the DCMS’s own code of practice, which was published some time ago.

    UK infrastructure must be protected. The Government have identified cyber as one of the top six tier 1 threats. Cyber-crime costs the UK some £1.27 billion per year, with about 60 high-level cyber-attacks a month, which indicates the magnitude of the problem. Many of the 60 high-level cyber-attacks a month threaten national security, which is also why this debate is important.

    The hon. Member for Bridgend referred to Ukraine. Russia launched a cyber-attack on Ukraine’s electricity network back in 2015. Some quarter of a million people were impacted by that attack, which I think he also referred to. That example shows that even six or seven years ago, before the war, cyber was being used as an instrument of war by Russia, and indicates how much cyber-attacks can disrupt and compromise. Cyber-attacks are a method of warfare, which is why I support the hon. Gentleman’s call for legislative change.

    I will make a plug, as I always try to do in these Westminster Hall debates. The Minister will be well aware that Belfast is a cyber-security stronghold and is very much at the forefront of cyber-security development. Belfast has become a capital of security. Any new cyber legislation must not prevent cyber-security experts from doing what they do best, which is finding the loopholes in programs.

    Much consultation must take place to ensure that the Government do not tie the experts’ hands or throw the baby out with the bathwater. After all, the experts are combating criminal activity, and abuse and aggression from foreign powers such as Russia and China. Will the Minister confirm that any legislation that is proposed will entail working with companies—for example, cyber-security companies in Belfast and Northern Ireland—to enable their excellent progress to continue?

    I fully support the motion tabled by the hon. Member for Bridgend. I look forward to hearing the contributions from the two Opposition spokespersons, and particularly to the Minister’s response. I hope that he can give us the reassurances we seek, so that we can continue to be at the forefront of cyber-security in Belfast, as we are throughout the whole of the United Kingdom.