§ Lord Harris of Haringeyasked Her Majesty's Government:
What assessments they have made of the potential vulnerability of the critical national infrastructure to systematic cyber-attack by terrorists or organised crime; and what initiatives they have taken to protect it. [HL1537]
§ Baroness Scotland of AsthalThe National Infrastructure Security Co-ordination Centre (NISCC) is continually monitoring the threat of electronic attack against the UK's critical national infrastructure. NISCC has assessed that the threat of the sort of attack that could disable a critical service is low. Less serious, but damaging and costly attacks that might, for example, deface a website or deny service, are more likely.
Although the Government have well established defences, we are not complacent and the overall programme of NISCC work includes assuring the security of government systems, working with the private sector to improve the protection of its critical systems, raising awareness generally and opening dialogue with international partners.
§ Lord Harris of Haringeyasked Her Majesty's Government:
Which department is responsible for (a) protecting the computers and networks of the critical national infrastructure from systematic attack by an organised adversary; (b) preparing a national defence plan against such an attack; (c) directing the national response to any such attack; and (d) managing the reconstitution of the CNI in the event of it being extensively damaged following such an attack. [HL1538]
§ Baroness Scotland of AsthalThe Home Secretary has overall responsibility for the protection of the critical national infrastructure (CNI). It is the responsibility of the companies and organisations that make up the CNI to ensure that their systems are adequately protected from attack. They are offered extensive assistance in the task by the National Infrastructure Security Co-ordination Centre. This is an inter-departmental organisation which reports 157WA directly to the Home Secretary and which is charged with minimising the threat of electronic attack against the CNI, investigating and assessing threats, promoting protection and assurance, and responding to incidents.
§ Lord Harris of Haringeyasked Her Majesty's Government:
What is the national capability to (a) quickly detect a systematic attack on the computers and networks of the critical national infrastructure; (b) assess the manner and magnitude of such an attack; and (c) alert those responsible to the need for protection against the attack and what action to take. [HL1539]
§ Baroness Scotland of AsthalThe National Infrastructure Security Co-ordination Centre (NISCC) is responsible for minimising the risk of electronic attack against the critical national infrastructure (CNI). It works closely with government and private sector organisations which make up the CNI. NISCC undertakes the investigation, analysis and assessment of current and potential threats. It provides a 24-hour, seven day a week service for alerting CNI organisations to vulnerabilities in software and associated systems which could be exploited in an electronic attack. Such alerts are communicated directly to stakeholders and made immediately available on the NISCC website.