Show Search Form

Search Results

registered interest	true false
date	exactly: or between: and
answering body
answering dept id
answering dept short name
answering dept sort name
hansard heading
house id
legislature	pref label
question text
tabling member constituency
tabling member printed
uin
answer	is ministerial correction true false date of answer exactly: or between: and answer text answering member constituency answering member printed grouped question UIN question first answered answering member label
tabling member	label

Search

778094

registered interest
date	26/10/2017
answering body	Department for Digital, Culture, Media and Sport
answering dept id	10
answering dept short name	Digital, Culture, Media and Sport
answering dept sort name	Digital, Culture, Media and Sport
hansard heading	Cybersecurity
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Digital, Culture, Media and Sport, if she will place in the Library a copy of the letter sent to registered consultancies of the Government's Cyber Essentials scheme whose data was exposed owing to a configuration error in the Pervade Software platform.
tabling member constituency	Denton and Reddish
tabling member printed	Andrew Gwynne
uin	109965
answer	answer is ministerial correction date of answer 03/11/2017 answer text <p>I refer the Hon member to my answer to PQ 108123.</p> answering member constituency West Suffolk answering member printed Matt Hancock grouped question UIN 109582 question first answered 03/11/2017 09:43:10 answering member 4070 label Biography information for Matt Hancock
tabling member	1506 label Biography information for Andrew Gwynne

772015

registered interest
date	17/10/2017
answering body	Department for Digital, Culture, Media and Sport
answering dept id	10
answering dept short name	Digital, Culture, Media and Sport
answering dept sort name	Digital, Culture, Media and Sport
hansard heading	Cybersecurity
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Digital, Culture, Media and Sport, how many registered consultancies of the Government's Cyber Essentials scheme had data exposed due to a configuration error in the Pervade Software platform.
tabling member constituency	Denton and Reddish
tabling member printed	Andrew Gwynne
uin	108122
answer	answer is ministerial correction date of answer 25/10/2017 answer text <p>A configuration error in the Pervade Software platform used by an external third party led to system logs from companies, including assessors of and applicants to the Cyber Essentials scheme, being exposed, though there has been no evidence to suggest data was extracted.</p> answering member constituency West Suffolk answering member printed Matt Hancock question first answered 25/10/2017 10:23:53 answering member 4070 label Biography information for Matt Hancock
tabling member	1506 label Biography information for Andrew Gwynne

712072

registered interest
date	17/03/2017
answering body	Department for Culture, Media and Sport
answering dept id	10
answering dept short name	Culture, Media and Sport
answering dept sort name	Culture, Media and Sport
hansard heading	Cybersecurity
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Culture, Media and Sport, pursuant to the Answer of 27 February 2017 to Question 63984, how the Cyber Essentials scheme offers protection to organisations compliant with the scheme in the event that third party organisations that provide (a) email, (b) cloud storage and (c) other similar services to compliant organisations are themselves not compliant with that scheme.
tabling member constituency	Denton and Reddish
tabling member printed	Andrew Gwynne
uin	68393
answer	answer is ministerial correction date of answer 22/03/2017 answer text <p>The Cyber Essentials scheme sets out the basic technical controls which all organisations relying on the internet should have in place to prevent common online attacks. The scheme enables organisations themselves to determine which technologies are in scope of their Cyber Essentials assessment: this would not normally include any third party organisations.</p><p> </p><p>The Government recognises the importance of third party risk management and will continue to consider how the Cyber Essentials standard can be improved to better account for cloud based services. In addition, the Government is working with industry to ensure businesses encourage the firms in their supply chains to adopt Cyber Essentials where necessary and appropriate.</p> answering member constituency West Suffolk answering member printed Matt Hancock question first answered 22/03/2017 11:55:10 answering member 4070 label Biography information for Matt Hancock
tabling member	1506 label Biography information for Andrew Gwynne

712073

registered interest
date	17/03/2017
answering body	Department for Culture, Media and Sport
answering dept id	10
answering dept short name	Culture, Media and Sport
answering dept sort name	Culture, Media and Sport
hansard heading	Cybersecurity
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Culture, Media and Sport, pursuant to the Answer of 28 February 2017 to Question 64527, when the next regular review of all cyber security standards will be conducted.
tabling member constituency	Denton and Reddish
tabling member printed	Andrew Gwynne
uin	68382
answer	answer is ministerial correction date of answer 04/04/2017 answer text <p>The Government keeps the material relating to cyber security standards for which it is responsible - such as the Cyber Essentials scheme - under regular review and updates it as and when required.</p><p> </p><p>For example, following industry and customer feedback, the requirements for the Cyber Essentials scheme were recently updated and can be found at:</p><p>https://www.ncsc.gov.uk/information/requirements-it-infrastructure-cyber-essentials-scheme</p><p> </p><p>The vast majority of technical standards are owned and driven by industry, for example the ISO 27001 range of standards on cyber security. These standards are usually global in nature, and governments are part of the debate amongst many industry voices when it comes to reviewing and/or amending a given standard.</p> answering member constituency West Suffolk answering member printed Matt Hancock question first answered 04/04/2017 13:34:57 answering member 4070 label Biography information for Matt Hancock
tabling member	1506 label Biography information for Andrew Gwynne

691765

registered interest
date	20/02/2017
answering body	Department for Culture, Media and Sport
answering dept id	10
answering dept short name	Culture, Media and Sport
answering dept sort name	Culture, Media and Sport
hansard heading	Cybersecurity
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Culture, Media and Sport, what the timetable is for updates to the Cyber Essentials scheme.
tabling member constituency	Denton and Reddish
tabling member printed	Andrew Gwynne
uin	64527
answer	answer is ministerial correction date of answer 28/02/2017 answer text <p>As part of the regular reviews of all cyber security standards, the Government considers whether Cyber Essentials needs to be updated.</p> answering member constituency West Suffolk answering member printed Matt Hancock question first answered 28/02/2017 14:40:10 answering member 4070 label Biography information for Matt Hancock
tabling member	1506 label Biography information for Andrew Gwynne

690191

registered interest
date	17/02/2017
answering body	Department for Culture, Media and Sport
answering dept id	10
answering dept short name	Culture, Media and Sport
answering dept sort name	Culture, Media and Sport
hansard heading	Cybersecurity
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Culture, Media and Sport, what security measures are in place to ensure that suppliers compliant with the Cyber Essentials scheme utilise third party services who are also compliant with that scheme.
tabling member constituency	Denton and Reddish
tabling member printed	Andrew Gwynne
uin	63984
answer	answer is ministerial correction date of answer 27/02/2017 answer text <p>The Cyber Essentials scheme sets out the basic technical controls which all organisations relying on the internet should have in place to prevent common online attacks. The scheme does not require organisations certified under the scheme to use third parties which are also compliant with the scheme, though this is something the Government would recommend where appropriate.</p><p> </p><p>The Government itself requires its suppliers to hold a Cyber Essentials certificate where contracts involve the handling of sensitive data, such as personal and financial information, or the provision of certain ICT products and services. The recently published National Cyber Security Strategy set out a success measure that all Government suppliers will meet appropriate cyber security standards by 2021.</p><p> </p><p>In addition, the Government is working with industry to ensure businesses encourage the firms in their supply chains to adopt Cyber Essentials where necessary and appropriate; for example, organisations could work with their supply chains and discuss the best way to add resilience to the end-to-end delivery of a product or service, which could include a third party adopting Cyber Essentials.</p><p> </p> answering member constituency West Suffolk answering member printed Matt Hancock question first answered 27/02/2017 16:17:48 answering member 4070 label Biography information for Matt Hancock
tabling member	1506 label Biography information for Andrew Gwynne

690193

registered interest
date	17/02/2017
answering body	Department for Culture, Media and Sport
answering dept id	10
answering dept short name	Culture, Media and Sport
answering dept sort name	Culture, Media and Sport
hansard heading	Cybersecurity
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Culture, Media and Sport, whether the Cyber Essentials scheme includes protections against (a) structured query language injection and (b) other code vulnerabilities.
tabling member constituency	Denton and Reddish
tabling member printed	Andrew Gwynne
uin	63988
answer	answer is ministerial correction date of answer 27/02/2017 answer text <p>The Cyber Essentials scheme sets out the basic technical controls which all organisations relying on the internet should have in place to prevent common online attacks. The scheme requires software running on computers and network devices to be kept up-to-date and have the latest security patches installed: this is designed to protect against known code vulnerabilities.</p><p> </p><p>Although Cyber Essentials is intended to provide a good basic level of cyber security, it does not represent a full cyber risk management regime, which is something set out in the more comprehensive ‘10 Steps to Cyber Security’ guidance. As part of the regular reviews of all cyber security standards, the Government considers whether Cyber Essentials needs to be updated to reflect other risks. The value of Cyber Essentials lies in its simplicity and it is important to balance this against breadth and depth of controls.</p> answering member constituency West Suffolk answering member printed Matt Hancock question first answered 27/02/2017 16:16:42 answering member 4070 label Biography information for Matt Hancock
tabling member	1506 label Biography information for Andrew Gwynne

690194

registered interest
date	17/02/2017
answering body	Department for Culture, Media and Sport
answering dept id	10
answering dept short name	Culture, Media and Sport
answering dept sort name	Culture, Media and Sport
hansard heading	Cybersecurity
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Culture, Media and Sport, whether the Cyber Essentials scheme includes requirements to educate staff on the risk of (a) phishing attacks through email and (b) other user induced attacks.
tabling member constituency	Denton and Reddish
tabling member printed	Andrew Gwynne
uin	63989
answer	answer is ministerial correction date of answer 27/02/2017 answer text <p>The Cyber Essentials scheme sets out the basic technical controls which all organisations relying on the internet should have in place to prevent common online attacks. The scheme requires up-to-date malware protection software to be installed on all internet-connected computers: this is designed to detect and disable the malicious software which an organisation might be exposed to via phishing attacks, and prevent users making connections to malicious websites on the internet.</p><p> </p><p>Cyber Essentials is a technical scheme and staff awareness training is therefore out of scope; however other pieces of guidance from the Government do recommend this. For example, the ‘10 Steps to Cyber Security’, the Government’s key piece of advice for organisations on managing cyber risk, sets out the importance of user education and awareness.</p><p> </p><p>The Government offers a range of free online cyber security training programmes at https://www.gov.uk/government/collections/cyber-security-training-for-business. In addition, the National Cyber Security Centre recently published a blog about phishing and user training, which explains that phishing is best tackled by implementing good technical defences and combining these with reasonable levels of user awareness, education and training: https://www.ncsc.gov.uk/blog-post/im-gonna-stop-you-little-phishie</p> answering member constituency West Suffolk answering member printed Matt Hancock question first answered 27/02/2017 16:10:06 answering member 4070 label Biography information for Matt Hancock
tabling member	1506 label Biography information for Andrew Gwynne

619820

registered interest
date	24/10/2016
answering body	Department for Culture, Media and Sport
answering dept id	10
answering dept short name	Culture, Media and Sport
answering dept sort name	Culture, Media and Sport
hansard heading	Cybersecurity
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Culture, Media and Sport, how many organisations have recertified (a) Cyber Essentials and (b) Cyber Essentials Plus in each year since each scheme's creation.
tabling member constituency	Denton and Reddish
tabling member printed	Andrew Gwynne
uin	49949
answer	answer is ministerial correction date of answer 27/10/2016 answer text <p>Since the Cyber Essentials scheme began it is estimated that 377 organisations have been certified more than once. This includes organisations that have both Cyber Essentials and Cyber Essentials Plus certificates, as well as those that have been certified more than once with different IT systems in scope.</p> answering member constituency West Suffolk answering member printed Matt Hancock question first answered 27/10/2016 15:13:23 answering member 4070 label Biography information for Matt Hancock
tabling member	1506 label Biography information for Andrew Gwynne

619824

registered interest
date	24/10/2016
answering body	Department for Culture, Media and Sport
answering dept id	10
answering dept short name	Culture, Media and Sport
answering dept sort name	Culture, Media and Sport
hansard heading	Cybersecurity
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Culture, Media and Sport, how many start-up businesses have participated in the Early Stage Accelerator programme since it began.
tabling member constituency	Denton and Reddish
tabling member printed	Andrew Gwynne
uin	49954
answer	answer is ministerial correction date of answer 28/10/2016 answer text <p>So far, 23 individuals are participating in the current programme which started on 12 September.</p><p> </p><p>The early stage accelerator programme, called HutZero, is part of the Government’s strategy to promote the UK cyber security industry, and is designed to transform early stage ideas into workable proposals and potential new businesses. The programme supports individuals at the very start of their entrepreneurial journey.</p><p> </p><p> </p> answering member constituency West Suffolk answering member printed Matt Hancock question first answered 28/10/2016 09:26:17 answering member 4070 label Biography information for Matt Hancock
tabling member	1506 label Biography information for Andrew Gwynne