Show Search Form

Search Results

registered interest	true false
date	exactly: or between: and
answering body
answering dept id
answering dept short name
answering dept sort name
hansard heading
house id
legislature	pref label
question text
tabling member constituency
tabling member printed
uin
answer	is ministerial correction true false date of answer exactly: or between: and answer text answering member constituency answering member printed grouped question UIN question first answered answering member label
tabling member	label

Search

1000229

	registered interest
	date	02/11/2018
	answering body	Cabinet Office
	answering dept id	53
	answering dept short name	Cabinet Office
	answering dept sort name	Cabinet Office
	hansard heading	Government Departments: Data Protection
	house id	1
	legislature	25259 pref label House of Commons
	question text	To ask the Minister for the Cabinet Office, how many data breaches were reported by each Government department to the Government Security Group in each of the last four years.
	tabling member constituency	Leigh
	tabling member printed	Jo Platt
	uin	187361
	answer	answer is ministerial correction date of answer 12/11/2018 answer text <p>Cabinet Office does not require central reporting of data breaches by government departments.</p><p> </p><p>The <a href="https://www.gov.uk/government/publications/the-minimum-cyber-security-standard" target="_blank">minimum cyber security standard</a> outlines the communications required by a department when there is a security incident that impacts on sensitive information or key operational services.</p><p> </p><p>The Government Security Group would be involved in the response to a category one or two</p><p>cyber security incident impacting a central government department(s), however to date an incident of this type has not occurred.</p><p> </p><p>The <a href="https://www.ncsc.gov.uk/news/annual-review-2018" target="_blank">National Cyber Security Centre’s Annual Report (2018)</a> provides the total number of incidents it has dealt with over the past year.</p> answering member constituency Aylesbury answering member printed Mr David Lidington question first answered 12/11/2018 09:37:31 answering member 15 label Biography information for Sir David Lidington
	tabling member	4673 label Biography information for Jo Platt

1024009

	registered interest
	date	12/12/2018
	answering body	Cabinet Office
	answering dept id	53
	answering dept short name	Cabinet Office
	answering dept sort name	Cabinet Office
	hansard heading	Government Departments: Data Protection
	house id	1
	legislature	25259 pref label House of Commons
	question text	To ask the Minister for the Cabinet Office, pursuant to the Answer of 27 November 2018 to Question 196203 and with reference to the Government's Technology Code of Practice principles Cloud First policy, whether it is Government policy to prevent any government department or service from storing cloud-based data hosted in any specific nation states.
	tabling member constituency	Leigh
	tabling member printed	Jo Platt
	uin	201721
	answer	answer is ministerial correction date of answer 07/01/2019 answer text <p>Neither the Technology Code of Practice nor the Cloud First Policy directly prevent government departments or services from storing cloud based data in any specific nation state. It is the responsibility of each government department to take risk-based decisions about their use of cloud providers for the storage of government data.</p> answering member constituency Aylesbury answering member printed Mr David Lidington question first answered 07/01/2019 17:16:11 answering member 15 label Biography information for Sir David Lidington
	tabling member	4673 label Biography information for Jo Platt

1027224

	registered interest
	date	17/12/2018
	answering body	Cabinet Office
	answering dept id	53
	answering dept short name	Cabinet Office
	answering dept sort name	Cabinet Office
	hansard heading	Government Departments: Data Protection
	house id	1
	legislature	25259 pref label House of Commons
	question text	To ask the Minister for the Cabinet Office, how many Government Departments use (a) a domain message authentication reporting and conformance cybersecurity system (b) a system for identifying external emails to recipients and (c) a protocol for timely staff reporting of suspicious emails.
	tabling member constituency	Leigh
	tabling member printed	Jo Platt
	uin	202801
	answer	answer is ministerial correction date of answer 20/12/2018 answer text <p>Active Cyber Defence (ACD) is a collection of services implemented by the NCSC that aim to protect the UK from the high-volume commodity attacks that affect people’s everyday lives. Mail Check is one of these services which enables an organisation to authenticate the email they send so that a receiver can determine if it is genuine or fake using Domain-based Message Authentication Protocol (DMARC). The NCSC plans to implement Mail Check for all 44 Central Government departments - in December 2018 95% were actively using Mail Check and 80% had adopted a basic DMARC policy.</p> answering member constituency Aylesbury answering member printed Mr David Lidington question first answered 20/12/2018 15:33:07 answering member 15 label Biography information for Sir David Lidington
	tabling member	4673 label Biography information for Jo Platt

1027225

	registered interest
	date	17/12/2018
	answering body	Cabinet Office
	answering dept id	53
	answering dept short name	Cabinet Office
	answering dept sort name	Cabinet Office
	hansard heading	Government Departments: Data Protection
	house id	1
	legislature	25259 pref label House of Commons
	question text	To ask the Minister for the Cabinet Office, whether the Government security profession unit has a target for the number of cyber-security professionals it plans to recruit.
	tabling member constituency	Leigh
	tabling member printed	Jo Platt
	uin	202802
	answer	answer is ministerial correction date of answer 20/12/2018 answer text <p>Government departments are responsible for ensuring adequate staffing levels to meet the organisational risk it carries. Though no single target number for cyber security specialists exist, the Government Security Profession team will support departments through the delivery of centralised strategy for the recruitment and retention of cyber skills in departments.</p> answering member constituency Aylesbury answering member printed Mr David Lidington question first answered 20/12/2018 15:34:56 answering member 15 label Biography information for Sir David Lidington
	tabling member	4673 label Biography information for Jo Platt

1029557

	registered interest
	date	20/12/2018
	answering body	Cabinet Office
	answering dept id	53
	answering dept short name	Cabinet Office
	answering dept sort name	Cabinet Office
	hansard heading	Government Departments: Data Protection
	house id	1
	legislature	25259 pref label House of Commons
	question text	To ask the Minister for the Cabinet Office, pursuant to the Answer of 20 December 2018 to Question 202801, for what reason no reference was made in that Answer to the number of Government Departments which use (a) a system for identifying external emails to recipients and (b) a protocol for timely staff reporting of suspicious emails.
	tabling member constituency	Leigh
	tabling member printed	Jo Platt
	uin	204633
	answer	answer is ministerial correction date of answer 07/01/2019 answer text <p>Cabinet Office does not hold this information centrally. It is the responsibility of each government department to manage how they receive external emails and report suspicious emails based on their security requirements. Domain-based Message Authentication Protocol (DMARC) is the system in which Departments identify external email.</p><p>The NCSC provides guidance and support to government departments on how to implement good cyber hygiene for staff, including the reporting of suspicious emails of which Cabinet Office have no central record of these figures.</p> answering member constituency Aylesbury answering member printed Mr David Lidington question first answered 07/01/2019 17:25:19 answering member 15 label Biography information for Sir David Lidington
	tabling member	4673 label Biography information for Jo Platt

997215

	registered interest
	date	29/10/2018
	answering body	Cabinet Office
	answering dept id	53
	answering dept short name	Cabinet Office
	answering dept sort name	Cabinet Office
	hansard heading	Government Departments: Data Protection
	house id	1
	legislature	25259 pref label House of Commons
	question text	To ask the Minister for the Cabinet Office, how many data breaches were recorded by each government department in each of the last four years.
	tabling member constituency	Leigh
	tabling member printed	Jo Platt
	uin	185107
	answer	answer is ministerial correction date of answer 01/11/2018 answer text <p>The Cabinet Office does not require central Government Departments to report their personal data breaches and so does not hold this information centrally.</p><p> </p><p>In June of 2018 the Minimum Cyber Security Standards were published requiring each department to have a plan to reporting data breaches. It states that</p><p><em> </em></p><p><em>Departments shall have communication plans in the event of an incident which includes notifying (for example) the relevant supervisory body, senior accountable individuals, the Departmental press office, the National Cyber Security Centre (NCSC), Government Security Group (Cabinet Office), the Information Commissioner’s Office (ICO) or law enforcement as applicable (not exhaustive).</em></p><p> </p> answering member constituency Aylesbury answering member printed Mr David Lidington question first answered 01/11/2018 12:16:49 answering member 15 label Biography information for Sir David Lidington
	tabling member	4673 label Biography information for Jo Platt

997216

	registered interest
	date	29/10/2018
	answering body	Cabinet Office
	answering dept id	53
	answering dept short name	Cabinet Office
	answering dept sort name	Cabinet Office
	hansard heading	Government Departments: Data Protection
	house id	1
	legislature	25259 pref label House of Commons
	question text	To ask the Minister for the Cabinet Office, what recent estimate he has made of the number of separate teams or organisations throughout government tasked with protecting information or monitoring data breaches.
	tabling member constituency	Leigh
	tabling member printed	Jo Platt
	uin	185108
	answer	answer is ministerial correction date of answer 01/11/2018 answer text <p>The Cabinet Office does not record centrally the number of separate teams or organisations tasked with protecting information or monitoring data breaches. However, the Government Chief Security Officer (GSCO) is ensuring that each department has a Senior Security Advisor responsible for advising their boards on security risks and appropriate steps to mitigate them.</p> answering member constituency Aylesbury answering member printed Mr David Lidington question first answered 01/11/2018 15:38:42 answering member 15 label Biography information for Sir David Lidington
	tabling member	4673 label Biography information for Jo Platt

1669094

	registered interest
	date	09/11/2023
	answering body	Cabinet Office
	answering dept id	53
	answering dept short name	Cabinet Office
	answering dept sort name	Cabinet Office
	hansard heading	Government Departments: Data Protection
	house id	1
	legislature	25259 pref label House of Commons
	question text	To ask the Minister for the Cabinet Office, what assessment his Department has made of the effectiveness of cross-departmental implementation of the Government Cloud First policy.
	tabling member constituency	Stevenage
	tabling member printed	Stephen McPartland
	uin	1121
	answer	answer is ministerial correction date of answer 17/11/2023 answer text <p>The Central Digital and Data Office (CDDO), in the Cabinet Office, is responsible for the Government’s Cloud strategy and for advising government departments on Cloud.</p><p>CDDO has a quarterly data commissioning process that collects metrics across a number of strategic areas including cloud adoption. Central government organisations report their estimated percentage of technology assets hosted on cloud. Further to this, CDDO operates the Quarterly Business Review, a joint Cabinet Office-HM Treasury assurance review of departmental delivery that allows CDDO to query departmental progress on implementing cloud first adoption.</p><p> </p> answering member constituency Brentwood and Ongar answering member printed Alex Burghart question first answered 17/11/2023 12:10:25 answering member 4613 label Biography information for Alex Burghart
	tabling member	4093 label Biography information for Stephen McPartland

1687343

	registered interest
	date	05/02/2024
	answering body	Cabinet Office
	answering dept id	53
	answering dept short name	Cabinet Office
	answering dept sort name	Cabinet Office
	hansard heading	Government Departments: Data Protection
	house id	1
	legislature	25259 pref label House of Commons
	question text	To ask the Minister for the Cabinet Office, what steps his Department is taking to ensure that Government data which is shared with third-party organisations is protected.
	tabling member constituency	Hampstead and Kilburn
	tabling member printed	Tulip Siddiq
	uin	13006
	answer	answer is ministerial correction date of answer 13/02/2024 answer text <p>The Central Digital and Data Office, in the Cabinet Office, sets the policy and leads the cross-government approach to the safe, ethical, legal and secure sharing of government data. They work with the Government Security Group, who also lead on the topic of Supply Chain Security.</p><p><strong> </strong></p><p>When sharing personal data with third party organisations, departments must make sure data is used fairly, lawfully and transparently, in compliance with the data protection principles set in UK GDPR and the Data Protection Act 2018. This includes having the requisite data protection controls and governance in place and working with vendors and partners to identify and remediate any risks. All government contracts with suppliers must consider the security of all information and set expectations for how it should be protected.</p><p><strong> </strong></p><p>Departments are responsible for managing their security risks, including the risks to their information that is held and processed by authorised third-parties. The Government Security Standard, local security policies and assurance frameworks such as the Cyber Assessment Framework set out how they should do this. These frameworks and good practice have been collaboratively developed by the Cabinet Office, the National Cyber Security Centre and Departments themselves.</p><p> </p> answering member constituency Brentwood and Ongar answering member printed Alex Burghart question first answered 13/02/2024 15:52:28 answering member 4613 label Biography information for Alex Burghart
	tabling member	4518 label Biography information for Tulip Siddiq

1524406

	registered interest
	date	19/10/2022
	answering body	Cabinet Office
	answering dept id	53
	answering dept short name	Cabinet Office
	answering dept sort name	Cabinet Office
	hansard heading	Government Departments: Data Protection
	house id	1
	legislature	25259 pref label House of Commons
	question text	To ask the Minister for the Cabinet Office, what steps the Government is taking to ensure all official-sensitive documents are not distributed via personal channels.
	tabling member constituency	Vauxhall
	tabling member printed	Florence Eshalomi
	uin	67273
	answer	answer is ministerial correction date of answer 25/10/2022 answer text <p>The Government takes matters of security very seriously. Government Departments routinely provide advice and guidance, including to ministers, on the appropriate handling of Government information.</p><p> </p> answering member constituency Croydon South answering member printed Chris Philp grouped question UIN 67274 question first answered 25/10/2022 11:34:09 answering member 4503 label Biography information for Chris Philp
	tabling member	4870 label Biography information for Florence Eshalomi