The UK is the third most targeted country in the world for cyber-attacks, after the US and Ukraine. In recent years the UK has seen the use of offensive cyber capabilities by state and non-state actors proliferate, exacerbated by Russia’s full-scale invasion of Ukraine. The UK Government’s National Cyber Strategy 2022 and the Government Cyber Security Strategy 2022-2030 recognised cyber threats to UK Critical National Infrastructure (CNI) - infrastructure whose disruption would have significant national impact - as an area of particular concern.
Digital infrastructure is critical for supporting growth and helping to transform the delivery of public services. It is a keystone in developing critical and emerging technologies within the Science and Technology Framework, and is essential to UK national security under the 2023 Integrated Review Refresh. Much of the UK’s CNI is underpinned by this digital infrastructure, which must be resilient to cyber-attack if it is to fulfil such fundamental roles in the UK economy.
The Committee has launched an inquiry into the cyber-resilience of the UK’s CNI. It will explore the progress of UK CNI toward achieving recently announced resilience targets by 2025, and what support the sector needs to achieve those targets and efforts to make computer hardware architecture more secure by design to protect CNI. What should be the Government’s approach to standards and regulations for cyber resilience and preparedness, supply chain access, and trusted partners?