I am pleased to inform the House that the government has published a document entitled, “Call for Views on the Resilience and Security of Software used by Businesses and Organisations”. This document sets out the government’s existing assessment of the cyber security risks posed by software and seeks responses from industry, academia, and other organisations, over a twelve-week period. These views will help to formulate UK government policy in this area.

Digital technologies play a crucial and ever-increasing role in the UK economy, and in the day-to-day lives of citizens. Increasing digitisation brings huge economic and social opportunities and the UK is well placed to take full advantage of this. Embracing digital technologies across our economy is crucial to delivering the ambitions we set out in the National Cyber Strategy and UK Digital Strategy to secure the UK’s prosperity, national security, global competitiveness and geo-political standing in the world.

To achieve these aims, we must ensure consumers and businesses feel confident in the use of digital technologies, which means the foundations of our technology must be secure. Software is a fundamental building block of all digital environments, and is often the point of entry for a cyber attack. Over the past 3 years, there has been an average annual increase of more than 700% in the number of software supply chain attacks globally. Incidents in recent years such as the 2020 SolarWinds attack and the discovery of the Log4j vulnerability in 2021, have demonstrated the widespread impact that software incidents can have on national security as well as businesses, charities, educational institutions and other organisations operating across the UK. Strengthening the resilience of software is an important part of strengthening organisational cyber resilience more widely. This will help reduce the cyber threat to the economy and prevent harm to businesses, UK citizens and the UK’s worldwide customers.

As such, we have launched this twelve-week call for views process, where we welcome views on the key risks linked to software, and where the government will be best placed to help mitigate them. These views will help shape UK government policy, and ensure that our resources are directed at the highest priority areas. We look forward to working with organisations, policymakers, academics, international partners and other interested parties, to make the UK a stronger and more secure place for organisations to do business.

I will place a copy of the ‘Call for Views on the Resilience and Security of Software used by Businesses and Organisations’ document in the Libraries of both Houses.

https://www.theyworkforyou.com/wms/?id=2023-02-06.hcws544.0