answer text |
<p>This Government is committed to protecting citizens and public services from the
ever-evolving cyber threat.</p><p><strong> </strong></p><p>As set out in the 2023
National Risk Register, cyber attacks on the UK’s transport, health and social care,
and telecommunications systems were identified amongst the most serious risks currently
facing the UK. In addition, in this year’s National Cyber Security Centre (NCSC) Annual
Review, data theft - either through ransomware or the exploitation of vulnerabilities
in public-facing apps - and cyber-enabled fraud remain some of the most acute cyber
threats facing UK businesses and citizens. For example, between September 2022 and
August 2023, the NCSC received 297 reports of ransomware activity and 327 incidents
involving the exfiltration of data.</p><p><strong> </strong></p><p>The Government
takes data protection very seriously and we understand that data breaches are a matter
of great concern to those whose data may have been exposed in a cyber attack. It is
the responsibility of organisations affected to meet their statutory obligations under
the UK General Data Protection Regulation (GDPR) regarding notifying the Information
Commissioner’s Office (ICO) and the individuals affected of certain personal data
breaches.</p><p><strong> </strong></p><p>It would not be appropriate to comment on
specific cyber incidents for national security reasons. However, the Government has
already taken significant steps to reduce the risks identified and to strengthen our
cyber defences.</p><p><strong> </strong></p><p>The Government Cyber Security Strategy
2022 sets out our plans to significantly harden the Government’s critical functions
against cyber attack by 2025, with all organisations across the public sector being
resilient to known vulnerabilities by 2030. Alongside this, the National Cyber Strategy
2022 sets out our approach to tackling cyber threats against the wider population,
including by better detecting, disrupting and deterring malicious cyber actors and
embedding good cyber security practices and protections at national, organisation
and citizen level.</p><p> </p>
|
|