Category: Technology

The statement made by Julia Lopez, the Minister for Media, Data and Digital Infrastructure, in the House of Commons on 19 January 2022.

Today, my Department has launched two consultations seeking public views on our proposals to improve the UK’s cyber resilience.

The UK, as one of the leading digital nations, has accelerated its adoption of digital technologies. These technologies have rapidly become integral to the functioning of our economy and form an important part of our critical national infrastructure. In order to ensure our continued prosperity, it is vital that cyber-security is a fundamental part of our country’s digital transformation journey.

Cyber-security incidents are increasing in frequency and sophistication, with the potential to cause severe damage to critical national infrastructure and the economy. Over the course of the last year, the National Cyber Security Centre has faced an unprecedented increase in the volume of cyber-security incidents to which it has had to respond. In addition, there have been a number of high-profile cyber incidents within the last year, both domestically and abroad, which have highlighted the increasing sophistication of threats to the UK’s cyber resilience. The faster paced digitisation of the UK’s economy means that these attacks will have an even greater impact on British businesses and consumers.

Incidents such as the SolarWinds supply chain compromise in December 2020 and the ransomware attack on the Colonial pipeline in May 2020 demonstrated how such cyber-attacks can impact critical services and national infrastructure. At the same time, they have also highlighted the increased need for a sustained supply of diverse and skilled individuals into the cyber workforce to make systems more resilient against cyber-threats like these.

Today’s consultations are aimed at addressing these challenges. They are divided into three distinct pillars, which are discussed over two separate consultations, given the nature and audience of the differing pillars.

The first consultation covers pillars 1 and 2, and applies to the whole of the United Kingdom. Changes proposed here affect the Network and Information Systems (NIS) Regulations 2018. This is a key piece of cyber-security legislation which establishes legal measures to strengthen the overall level of security (both cyber and physical resilience) of network and information systems that are critical for the provision of essential UK services, such as transport, energy, water, digital infrastructure, arid health, as well as key digital services.

Proposals in pillar 1 seek to bring additional critical providers of digital services under the NIS regulations. The proposals also establish a new risk-based and proportionate supervisory framework for all digital service providers in scope of NIS. Combined, these proposed measures will strengthen the oversight of providers who frequently have privileged access and provide critical support to essential UK services, and ensure that these businesses have adequate cyber-security protections in place.

The proposals in the second pillar seek to future-proof the NIS regulations, by allowing changes to be implemented so the UK can adapt to evolving threats and technological developments. The Government propose powers to allow important updates to the NIS framework to be made in the future, either to respond to changing threats or technology or to cover other areas as necessary, as well as provisions to secure the most critical organisations on which essential services depend. The Government would also propose to make changes to the current cost recovery system and the incident reporting framework under NIS. Measures proposed in both of these pillars seek to address some of the supply chain cyber-security issues which we have experienced, and which, given the nature of the digital economy, are here to stay.

The second consultation covers the third pillar. Its audience is different from the first two pillars and its proposals are limited to England only. It proposes a set of additional approaches the Government can provide in quality-assuring the cyber profession. This includes exploring both legislative and non-legislative options. The Government will look to the UK Cyber Security Council to be the professional authority to ensure efforts to supply the cyber workforce with diverse and high-quality individuals is done consistently and sustainably. The role of the council will involve developing professional standards and a career pathways framework, bringing together the existing qualification and certification market under a coherent structure. The consultation seeks to gather views on embedding a legislative underpinning for the cyber profession as well as non-legislative measures including a potential role for Government procurement requirements that explores the extent to which a similar demonstration of competence should be required for specific Government functions.

Copies of the consultation on proposals for legislation to improve the UK’s cyber resilience and embedding standards and pathways across the cyber profession by 2025 can be found on the Government website: https://www.gov.uk/government/consultations/proposal-for-legislation-to-improve-the-uks-cyber-resilience.

Sharing views will help improve the UK’s cyber-security regulations. By strengthening the oversight of critical digital suppliers, existing cyber-regulation, and improving the UK’s cyber-security profession, we can solidify the UK’s position as a democratic and responsible cyber-power and protect our essential services (such as the NHS, transport services, digital services and energy supplies). This will, ultimately, defend the interests, livelihoods, and economic prosperity of our people and businesses.

The comments made by Julia Lopez, the Digital Infrastructure Minister, on 22 December 2021.

We are moving rapidly in our national mission to make sure everyone can benefit from faster gigabit-speed broadband. National coverage has jumped from six per cent to sixty-five per cent in just two years.

The law changes we are consulting on today will help us go further and faster to make our homes fit for the future with the infrastructure people will need to take advantage of new technologies in the coming decades

The comments made by Julia Lopez, the Minister for Media, Data and Digital Infrastructure, on 20 December 2021.

Every day hackers attempt to break into people’s smart devices. Most of us assume if a product is for sale, it’s safe and secure. Yet many are not, putting too many of us at risk of fraud and theft.

Our Bill will put a firewall around everyday tech from phones and thermostats to dishwashers, baby monitors and doorbells, and see huge fines for those who fall foul of tough new security standards.

The statement made by Julia Lopez, the Minister for Media, Data and Digital Infrastructure, in the House of Commons on 8 December 2021.

I would like to update the House on a package of measures and policy interventions we are announcing today to progress the Government’s 5G diversification strategy and the recommendations of the telecoms supply chain diversification taskforce.

Following a 5G diversification taskforce recommendation, the Government have worked closely with industry to confirm a date by which 2G and 3G networks will be switched off. The Government can now confirm that the mobile network operators do not intend to offer 2G and 3G mobile networks past 2033 at the latest. The Government welcome that some individual operators will switch off their networks, particularly their 3G networks, earlier than this date, and will announce their own plans about when and how they intend to do this. The Government welcome the responsible switching off of these networks, and will continue to work with network operators to ensure a smooth transition that meets the needs of business users and consumers, including vulnerable groups.

The Government are also announcing, together with UK mobile network operators, a joint ambition for 35% of the UK’s mobile network traffic to be carried over open and interoperable radio access network (RAN) architectures by 2030. The RAN is the part of the network that communicates directly with our devices, typically visible in the radio masts we see across the UK. Most networks today are characterised by closed “black boxes” in which all of the components are highly integrated and provided by a single, highly scaled vendor. “Opening” the RAN seeks to disaggregate these components and functions, lowering barriers to entry and promoting innovation. The Government welcome the steps taken by operators and suppliers to position the UK as a leader in the development of open and interoperable RAN technology and are pleased to commit £250 million of investment to support and accelerate this programme of work.

As part of this work to promote interoperable RAN, the Government will be providing just over £36 million of investment to fund projects that span key technology challenges to Open RAN adoption as part of the Future RAN Competition (FRANC). This investment will also support industry, academia and local authorities across the UK to realise the benefits of high-speed networks and create new commercial opportunities. Finally, the Government are investing a further £15 million in the SmartRAN Open Networks Interoperability Centre (SONIC Labs) to expand it into a fully-fledged interoperability testing facility that will break down barriers and support industry in developing interoperable solutions. This investment will enable the lab to expand its programme of interoperability testing and international engagement. These projects will be subject to final grant funding agreement.

The interventions demonstrate the Government’s commitment to delivering their diversification strategy and building lasting and sustainable supply for the infrastructure that underpins our entire digital economy. The Government will continue to update the House as this work progresses. Full details of the announcement will be published on www.gov.uk today.